Abstract
One of the most challenging problems in anomaly detection is to develop scalable algorithms capable of dealing with large audit data, network traffic data, or alert data. In this paper, a distributed neural network based on the Hebb rule is presented to improve the speed and scalability of inductive learning. The speed is improved by randomly splitting a large data set into disjoint subsets and presenting each subset to an independent neural network; these networks can be trained in a distributed manner, each one in parallel. The analysis of completeness and risk bounds of competitive Hebb learning proves that the distributed Hebb neural network can avoid the degradation in accuracy relative to running a single algorithm on the entire data. The experiments are performed on the KDD’99 data set, which is a standard intrusion detection benchmark. Comparisons with other approaches on the same benchmark demonstrate the effectiveness and applicability of the proposed method.
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tian, D., Liu, Y., Li, B. (2007). A Distributed Hebb Neural Network for Network Anomaly Detection. In: Stojmenovic, I., Thulasiram, R.K., Yang, L.T., Jia, W., Guo, M., de Mello, R.F. (eds) Parallel and Distributed Processing and Applications. ISPA 2007. Lecture Notes in Computer Science, vol 4742. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74742-0_30
DOI: https://doi.org/10.1007/978-3-540-74742-0_30
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74741-3
Online ISBN: 978-3-540-74742-0
eBook Packages: Computer Science (R0)