NSOM: A Real-Time Network-Based Intrusion Detection System Using Self-Organizing Maps

نویسندگان

  • Khaled Labib
  • Rao Vemuri
چکیده

In this paper we describe an implementation of a network based Intrusion Detection System (IDS) using Self-Organizing Maps (SOM). The system uses a structured SOM to classify real-time Ethernet network data. A graphical tool continuously displays the clustered data to reflect network activities. Different system parameters such as data collection, data preprocessing and classifier structure are discussed. The systems shows promise in its ability to classify regular v.s. irregular and possibly intrusive network traffic for a given host.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

NSOM: A Tool To Detect Denial Of Service Attacks Using Self-Organizing Maps

An implementation of a network based Intrusion Detection System using a SelfOrganizing Map (SOM) as a clustering tool is described. The system uses a SOM to classify Ethernet data in real-time. A graphical tool constantly displays the clustered data to reflect network activities. The impact of using different techniques for data collection, data preprocessing and classifier design is discussed....

متن کامل

Host-Based Intrusion Detection Using Self-Organizing Maps

Hierarchical SOMs are applied to the problem of host based intrusion detection on computer networks. Unlike systems based on operating system audit trails, the approach operates on real-time data without extensive off-line training and with minimal expert knowledge. Specific recommendations are made regarding the representation of time, network parameters and SOM architecture.

متن کامل

Detecting Anomalous Network Traffic with Self-organizing Maps

Integrated Network-Based Ohio University Network Detective Service (INBOUNDS) is a network based intrusion detection system being developed at Ohio University. The Anomalous Network-Traffic Detection with Self Organizing Maps (ANDSOM) module for INBOUNDS detects anomalous network traffic based on the Self-Organizing Map algorithm. Each network connection is characterized by six parameters and s...

متن کامل

Dynamic Intrusion Detection Using Self-Organizing Maps

A system is described for applying hierarchical unsupervised neural networks (self organizing feature maps) to the intruder detection problem. Specific emphasis is given to the representation of time and the incremental development of a hierarchy. Preliminary results are given for the DARPA 1998 Intrusion Detection Problem.

متن کامل

Intrusion Detection System Using Self Organizing Map

The goal of the article is to presents intrusion detections systems and design architecture of intrusion detection based on neural network self organizing map. In the report is described base problematic of neural network and intrusion detection system. The article further deals with specific design of intrusion detection architecture based on user anomaly behavior. A core of the designed archi...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2002