Abstract
The present research work focuses on Intrusion Detection (ID), identifying “anomalous” patterns that may be related to an attack on a system or a network. To detect such anomalies, this paper proposes visualizing network flows for ID by applying a novel neural method called Beta Hebbian Learning (BHL). Four real-life traffic segments from the University of Twente datasets have been analysed by means of BHL. These datasets were gathered from a honeypot directly connected to the Internet, so they are guaranteed to contain real attack data. The results obtained by BHL provide clear evidence that the ID System separates the different types of attacks present in each dataset and outperforms other well-known projection algorithms.
Copyright information
© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Quintián, H. et al. (2021). Beta-Hebbian Learning for Visualizing Intrusions in Flows. In: Herrero, Á., Cambra, C., Urda, D., Sedano, J., Quintián, H., Corchado, E. (eds) 13th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2020). CISIS 2019. Advances in Intelligent Systems and Computing, vol 1267. Springer, Cham. https://doi.org/10.1007/978-3-030-57805-3_42
DOI: https://doi.org/10.1007/978-3-030-57805-3_42
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-57804-6
Online ISBN: 978-3-030-57805-3
eBook Packages: Intelligent Technologies and Robotics (R0)