Improving Self Organizing Map Performance for Network Intrusion Detection
نویسنده
چکیده
The continuous evolution of the types of attacks against computer networks suggests a paradigmatic shift from misuse based intrusion detection system to anomaly based systems. Unsupervised learning algorithms are natural candidates for this task, but while they have been successfully applied in host-based intrusion detection, network-based applications are more difficult, for a variety of reasons, including performance. We propose an architecture which implements a network-based, anomaly based intrusion detection system, which uses unsupervised learning algorithms. In this paper we describe the improvements and modifications needed in order to increase the throughput of a Self Organizing Map algorithm and make it able to handle high dimensional input data at a rate suitable for Intrusion Detection purposes at
منابع مشابه
Intrusion Detection System Using Self Organizing Map
The goal of the article is to presents intrusion detections systems and design architecture of intrusion detection based on neural network self organizing map. In the report is described base problematic of neural network and intrusion detection system. The article further deals with specific design of intrusion detection architecture based on user anomaly behavior. A core of the designed archi...
متن کاملA Novel Soft Computing Inference Engine Model for Intrusion Detection
The main purpose of this paper is to propose a novel soft computing inference engine model for intrusion detection. Our approach is anomaly based and utilizes causal knowledge inference based fuzzy cognitive maps (FCM) and multiple self organizing maps (SOM). A set of parallel neural network classifiers (SOM) are used to do an initial recognition of the network traffic flow to detect abnormal b...
متن کاملDB-OLS: An Approach for IDS
An intrusion detection system plays a major role in network security. We propose a model “DB-OLS: An Approach for IDS” which is a Deviation Based-Outlier approach for Intrusion detection using Self Organizing Maps. In this model “Self Organizing Map” approach is to be used for behavior learning and “Outlier mining” approach, for detecting an intruder by calculating deviation from known user pro...
متن کاملIntrusion Detection Using PCASOM Neural Networks
This paper proposes a method to detect network intrusions by using the PCASOM (principal components analysis and self-organizing map) neural networks. A modified unsupervised learning algorithm which is more suitable for intrusion detection is presented. Experiments are carried out to illustrate the performance of the proposed method by using DARPA 1998 evaluation data sets. It shows that the p...
متن کاملAn Intrusion Detection Method Based on Improved Growing Hierarchical Self-Organizing Map
Growing hierarchical self-organizing map (GHSOM), as a kind of topology map, is an effective method to process large scale data. It not only enjoys the advantages of self-organizing map (SOM), but also owns its special multi-layer hierarchical structure which is easy to reveal the hierarchical structure behind the input data by using GHSOM. Though GHSOM has made great progress on the improvemen...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2004