Abstract
This paper proposes a method to detect network intrusions by using the PCASOM (principal components analysis and self-organizing map) neural networks. A modified unsupervised learning algorithm which is more suitable for intrusion detection is presented. Experiments are carried out to illustrate the performance of the proposed method by using DARPA 1998 evaluation data sets. It shows that the proposed method can cluster the network connections into proper clusters with high detection rate and relatively low false alarm rate.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Cannady, J.: Artificial Neural Networks for Misuse Detection. In: Proceedings, National Information Systems Security Conference (NISSC 1998), Arlington VA, pp. 443–456 (1998)
Anderson, D., Frivold, T., Valdes, A.: Next-generation Intrusion Detection Expert System(NIDES): A Summary. SRI International Technical Report, SRI-CSL-95-07
Ramadas, M., Ostermann, S., Tjaden, B.: Detecting Anomalous Network Traffic with Self-organizing Maps. In: Vigna, G., Krügel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, pp. 36–54. Springer, Heidelberg (2003)
Ghosh, A., Schwartzbard, A.: A Study in Using Neural Networks for Anomaly and Misuse Detection. In: Proceedings of the Eighth USENIX Security Symposium, pp. 141–151 (1999)
Kuchimanchi, G.K., Phoha, V.V., Balagami, K.S., Gaddam, S.R.: Dimension Reduction Using Feature Extraction Methods for Real-time Misuse Detection Systems. In: Proceedings of the 2004 IEEE Workshop on Information Assurance and Security, pp. 195–202 (2004)
Labib, K., Vemuri, V.R.: Detecting and Visualizing Denial-of-Service and Network Probe Attacks Using Principal Component Analysis. In: Third Conference on Security and Network Architectures, La Londe, France (2004)
Lei, J.Z., Ghorbani, A.: Network Intrusion Detection Using an Improved Competitive Learning Neural Network. Second Annual Conference on Communication Networks and Services Research, 190–197 (2004)
Rubio, E.L., Prez, J.M., Antonio, J., Ruiz, G.: A Principal Components Analysis Self-organizing Map. Neural Networks 17(2), 261–270 (2004)
Haykin, S.: Neural Networks: A Comprehensive Foundation, 2nd edn. Tsinghua University Press, Beijing (2001)
KDD Cup 1999 Data, http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
DARPA Intrusion Detection Evaluation Project, http://www.ll.mit.edu/LST/ideval/
Pan, Z.S., Chen, S.C., Hu, G.B., Zhang, D.Q.: Hybrid Neural Network and C4.5 for Misuse Detection. In: Proceedings of the Second International Conference on Machine Learning and Cybernetics, pp. 2463–2467 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Liu, G., Yi, Z. (2006). Intrusion Detection Using PCASOM Neural Networks. In: Wang, J., Yi, Z., Zurada, J.M., Lu, BL., Yin, H. (eds) Advances in Neural Networks - ISNN 2006. ISNN 2006. Lecture Notes in Computer Science, vol 3973. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11760191_35
Download citation
DOI: https://doi.org/10.1007/11760191_35
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34482-7
Online ISBN: 978-3-540-34483-4
eBook Packages: Computer ScienceComputer Science (R0)