Skip to main content
SpringerLink
Log in

A Competitive Neural Network for Intrusion Detection Systems

  • Conference paper
Modelling, Computation and Optimization in Information Systems and Management Sciences (MCO 2008)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 14))

Abstract

Detecting network intrusions is becoming crucial in computer networks. In this paper, an Intrusion Detection System based on a competitive learning neural network is presented. Most of the related works use the self-organizing map (SOM) to implement an IDS. However, the competitive neural network has less complexity and it is faster than the SOM, achieving similar results. In order to improve these results, we have used a repulsion method among neurons to avoid overlapping. Moreover, we have taken into account the presence of quantitative data in the input data, and they have been pre-processed appropriately to be supplied to the neural network. Therefore, the current metric based on Euclidean distance to compare two vectors can be used. The experimental results were obtained by applying the KDD Cup 1999 benchmark data set, which contains a great variety of simulated networks attacks. Comparison with other related works is provided.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 109.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Lee, W., Stolfo, S., Chan, P., Eskin, E., Fan, W., Miller, M., Hershkop, S., Zhang, J.: Real time data mining-based intrusion detection. In: DARPA Information Survivability Conference and Exposition II, vol. 1, pp. 89–100 (2001)

    Google Scholar 

  2. Maxion, R., Tan, K.: Anomaly detection in embedded systems. IEEE Transactions on Computers 51(2), 108–120 (2002)

    Article  Google Scholar 

  3. Tan, K., Maxion, R.: Determining the operational limits of an anomaly-based intrusion detector. IEEE Journal on Selected Areas in Communications 21(1), 96–110 (2003)

    Article  Google Scholar 

  4. Cannady, J.: Artificial neural networks for misuse detection. In: Proceedings of the 1998 National Information Systems Security Conference (NISSC 1998), Arlington, VA, October 5-8, 1998, pp. 443–456 (1998)

    Google Scholar 

  5. Kohonen, T.: Self-organized formation of topologically correct feature maps. Biological cybernetics 43(1), 59–69 (1982)

    Article  MathSciNet  MATH  Google Scholar 

  6. Lee, W., Stolfo, S., Mok, K.: A data mining framework for building intrusion detection models. In: IEEE Symposium on Security and Privacy, pp. 120–132 (1999)

    Google Scholar 

  7. Stolfo, S., Fan, W., Lee, W., Prodromidis, A., Chan, P.: Cost-based modeling for fraud and intrusion detection: results from the jam project. In: DARPA Information Survivability Conference and Exposition, 2000. DISCEX 2000. Proceedings, vol. 2, pp. 130–144 (2000)

    Google Scholar 

  8. Sarasamma, S., Zhu, Q., Huff, J.: Hierarchical kohonenen net for anomaly detection in network security. IEEE Transactions on Systems Man and Cybernetics Part B-Cybernetics 35(2), 302–312 (2005)

    Article  Google Scholar 

  9. Jain, A., Dubes, R.: Algorithms for clustering data. Prentice-Hall, Inc., Englewood Cliffs (1988)

    MATH  Google Scholar 

  10. Lei, J., Ghorbani, A.: Network intrusion detection using an improved competitive learning neural network. In: 2nd Annual Conference on Communication Networks and Services Research, pp. 190–197 (2004)

    Google Scholar 

  11. Depren, O., Topallar, M., Anarim, E., Ciliz, M.: An intelligent intrusion detection system (ids) for anomaly and misuse detection in computer networks. Expert Systems with Applications 29(4), 713–722 (2005)

    Article  Google Scholar 

  12. Bay, S., Kibler, D., Pazzani, M., Smyth, P.: The uci kdd archive of large data sets for data mining research and experimentation. SIGKDD Explor. Newsl. 2(2), 81–85 (2000)

    Article  Google Scholar 

  13. DeLooze, L., DeLooze, L. A.F.: Attack characterization and intrusion detection using an ensemble of self-organizing maps. In: 7th Annual IEEE Information Assurance Workshop, pp. 108–115 (2006)

    Google Scholar 

  14. Mitrokotsa, A., Douligeris, C.: Detecting denial of service attacks using emergent self-organizing maps. In: 5th IEEE International Symposium on Signal Processing and Information Technology, pp. 375–380 (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science E.T.S.I.Informatica, University of Malaga, Campus Teatinos s/n, 29071, Malaga, Spain

    Esteban José Palomo, Enrique Domínguez, Rafael Marcos Luque & José Muñoz

Authors
  1. Esteban José Palomo
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Enrique Domínguez
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rafael Marcos Luque
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. José Muñoz
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Laboratory of Theoretical and Applied Computer Science, UFR MIM,, Paul Verlaine University of Metz, Metz, France

    Hoai An Le Thi

  2. Faculty of Sciences, Technology and Communications, University of Luxembourg, Luxembourg

    Pascal Bouvry

  3. Laboratory of Mathematics, National Institute for Applied Sciences, Rouen Mont, Saint Aignan, France

    Tao Pham Dinh

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Palomo, E.J., Domínguez, E., Luque, R.M., Muñoz, J. (2008). A Competitive Neural Network for Intrusion Detection Systems. In: Le Thi, H.A., Bouvry, P., Pham Dinh, T. (eds) Modelling, Computation and Optimization in Information Systems and Management Sciences. MCO 2008. Communications in Computer and Information Science, vol 14. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-87477-5_56

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-87477-5_56

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-87476-8

  • Online ISBN: 978-3-540-87477-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation