Skip to main content

Advertisement

Springer Nature Link
Log in

Flow-based anomaly detection in high-speed links using modified GSA-optimized neural network

  • Original Article
  • Published:
Neural Computing and Applications Aims and scope Submit manuscript

Abstract

Ever growing Internet causes the availability of information. However, it also provides a suitable space for malicious activities, so security is crucial in this virtual environment. The network intrusion detection system (NIDS) is a popular tool to counter attacks against computer networks. This valuable tool can be realized using machine learning methods and intrusion datasets. Traditional datasets are usually packet-based in which all network packets are analyzed for intrusion detection in a time-consuming process. On the other hand, the recent spread of 1–10-Gbps-technologies have clearly pointed out that scalability is a growing problem. In this way, flow-based solutions can help to solve the problem by reduction of data and processing time, opening the way to high-speed detection on large infrastructures. Besides, NIDS should be capable of detecting new malicious activities. Artificial neural network-based NIDSs can detect unseen attacks, so a multi-layer perceptron (MLP) neural classifier is used in this study to distinguish benign and malicious traffic in a flow-based NIDS. In this way, a modified gravitational search algorithm (MGSA), as a modern heuristic technique, is employed to optimize the interconnection weights of the neural anomaly detector. The proposed scheme is trained using an enhanced version of the first labeled flow-based dataset for intrusion detection introduced in 2009. In addition, the particle swarm optimization (PSO) algorithm and traditional error back-propagation (EBP) algorithm are employed to train MLP, so performance comparison becomes possible. The experimental results based on the actual network data show that the MGSA-optimized neural anomaly detector is effective for monitoring abnormal traffic flows in the gigabytes traffic environment, and the accuracy is about 97.8 %.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

Explore related subjects

Discover the latest articles, news and stories from top researchers in related subjects.

References

  1. Xiaonan Wu S, Banzhaf W (2010) The use of computational intelligence in intrusion detection systems: a review. Appl Soft Comput 10:1–35

    Article  Google Scholar 

  2. Garcia-Teodoro P, Diaz-Verdejo J, Macia-Fernandez G, Vazquez E (2009) Anomaly-base network intrusion detection: techniques, systems and challenges. J Comput Secur 28:18–28

    Article  Google Scholar 

  3. Li X, Deng Z-H (2010) Mining frequent patterns from network flows for monitoring network. Expert Syst Appl 37:8850–8860

    Article  Google Scholar 

  4. Yeung DY, Ding Y (2003) Host-based intrusion detection using dynamic and static behavioral models. J Pattern Recognit 36:229–243

    Article  MATH  Google Scholar 

  5. Sheikhan M, Jadidi Z, Farrokhi A (2012) Intrusion detection using reduced-size RNN based on feature grouping. Neural Comput Appl 21:1185–1190

    Article  Google Scholar 

  6. Shon T, Moon J (2007) A hybrid machine learning approach to network anomaly detection. Inf Sci 177:3799–3821

    Article  Google Scholar 

  7. Sheikhan M, Jadidi Z (2009) Misuse detection using hybrid of association rule mining and connectionist modeling. World Appl Sci J 7(Special Issue of Computer & IT):31–37

  8. Northcutt S, Novak J (2003) Network intrusion detection, 3rd edn. New Riders, USA

    Google Scholar 

  9. Androulidakis G, Papavassiliou S (2008) Improving network anomaly detection via selective flow-based sampling. IET Commun 2:399–409

    Article  Google Scholar 

  10. KDD Cup 1999 Data. Available on http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html. Accessed July 2010

  11. Sabhnani M, Serpen G (2004) Why machine learning algorithms fail in misuse detection on KDD intrusion detection data set. J Intell Data Anal 6:1–13

    Google Scholar 

  12. Sheikhan M, Sha’bani AA (2009) Fast neural intrusion detection system based on hidden weight optimization algorithm and feature selection. World Appl Sci J 7(Special Issue of Computer & IT):45–53

  13. Sheikhan M, Gharavian D (2009) Combination of Elman neural network and classification-based predictive association rules to improve computer networks’ security. World Appl Sci J 7(Special Issue of Computer & IT):80–86

  14. Sheikhan M, Jadidi Z, Beheshti M (2010) Effects of feature reduction on the performance of attack recognition by static and dynamic neural networks. World Appl Sci J 8:302–308

    Google Scholar 

  15. Sheikhan M, Sharifi Rad M (2010) Misuse detection based on feature selection by fuzzy association rule mining. World Appl Sci J 10(Special Issue of Computer & Electrical Engineering):32–40

  16. Sheikhan M, Khalili A (2010) Intrusion detection based on rule extraction from dynamic cell structure neural network. Majlesi J Elect Eng 4:24–34

    Google Scholar 

  17. Sheikhan M, Sharifi Rad M (2011) Intrusion detection improvement using GA-optimized fuzzy grids-based rule mining feature selector and fuzzy ARTMAP neural network. World Appl Sci J 14:772–781

    Google Scholar 

  18. Winter P, Hermann E, Zeilinger M (2011) Inductive intrusion detection in flow-based network data using one-class support vector machines. In: The proceedings of international conference on new technologies, mobility and security, pp 1–5. doi:10.1109/NMTS.2011.5720582

  19. Sperotto A, Schaffrath G, Sadre R, Morariu C, Pras A, Stiller B (2010) An overview of IP flow-based intrusion detection. IEEE Commun Surv Tutor 12:343–356

    Article  Google Scholar 

  20. Li K, Teng G (2006) Unsupervised SVM based on p-kernels for anomaly detection. In: The proceedings of international conference on innovative computing, information and control, pp 59–62

  21. Tellenbach B, Burkhart M, Schatzmann D, Gugelmann D, Sornette D (2011) Accurate network anomaly classification with generalized entropy metrics. Comput Netw 55:3485–3502

    Article  Google Scholar 

  22. Catania CA, Bromberg F, Garino CG (2012) An autonomous labeling approach to support vector machines algorithms for network traffic anomaly detection. Expert Syst Appl 39:1822–1829

    Article  Google Scholar 

  23. Zhang Z, Shen H (2004) Online training of SVMs for real-time intrusion detection. In: The proceedings of international conference on advanced information networking and applications, vol 1, pp 568–573

  24. Ryan J, Lin MJ, Miikkulainen R (1998) Intrusion detection with neural networks. Adv Neural Inf Process Syst 10:943–949

    Google Scholar 

  25. Ghosh AK, Schwartzbard A (1999) A study in using neural networks for anomaly and misuse detection. In: The proceedings of the USENIX security symposium, vol 8, pp 141–152

  26. Hofmann A, Schmitz C, Sick B (2003) Rule extraction from neural networks for intrusion detection in computer networks. In: The proceedings of the IEEE international conference on systems, man and cybernetics, vol 2, pp 1259–1265

  27. Zhang C, Jiang J, Kamel M (2003) Comparison of BPL and RBF network in intrusion detection system. In: The proceedings of the international conference on rough sets, fuzzy sets, data mining, and granular computing, pp 466–470

  28. Jiang J, Zhang C, Kame M (2003) RBF-based real-time hierarchical intrusion detection systems. In: The proceedings of the international joint conference on neural networks, vol 2, pp 1512–1516

  29. Fox K, Henning R, Reed J (1990) A neural network approach toward intrusion detection. In: The proceedings of the national computer security conference, vol 1, pp 124–134

  30. Wang W, Guan X, Zhang X, Yang L (2006) Profiling program behavior for anomaly intrusion detection based on the transition and frequency property of computer audit data. Comput Secur 25:539–550

    Article  Google Scholar 

  31. Han SJ, Cho SB (2006) Evolutionary neural networks for anomaly detection based on the behavior of a program. IEEE Trans Syst Man Cybern Part B 36:559–570

    Article  Google Scholar 

  32. Liao Y, Vemuri VR, Pasos A (2007) Adaptive anomaly detection with evolving connectionist systems. J Netw Comput Appl 30:60–80

    Article  Google Scholar 

  33. Bridges SM, Vaughn RB (2000) Intrusion detection via fuzzy data mining. In: The proceedings of the annual Canadian information technology security symposium, pp 111–121

  34. Shah H, Undercoffer J, Joshi A (2003) Fuzzy clustering for intrusion detection. In: The proceedings of the IEEE international conference on fuzzy systems, vol 2, pp 1274–1278

  35. He H, Luo X, Liu B (2005) Detecting anomalous network traffic with combined fuzzy based approaches. Lect Notes Comput Sci 3645:433–442

    Article  Google Scholar 

  36. Chimphlee W, Sap MNM, Abdullah AH, Chimphlee S, Srinoy S (2006) To identify suspicious activity in anomaly detection based on soft computing. In: The proceedings of the IASTED international conference on artificial intelligence and applications, pp 359–364

  37. Forrest S, Perelson AS, Allen L, Cherukuri R (1994) Self-nonself discrimination in a computer. In: The proceedings of the IEEE computer society symposium on research in security and privacy, pp 202–212

  38. Williams PD, Anchor KP, Bebo JL, Gunsch GH, Lamont GD (2001) CDIS: towards a computer immune system for detecting network intrusions. Lect Notes Comput Sci 2212:117–133

    Article  Google Scholar 

  39. Aickelin U, Greensmith J, Twycross J (2004) Immune system approaches to intrusion detection: a review. Lect Notes Comput Sci 3239:316–329

    Article  Google Scholar 

  40. Kim J, Bentley P, Aickelin U, Greensmith J, Tedesco G, Twycross J (2007) Immune system approaches to intrusion detection- a review. Nat Comput Int J 6:413–466

    Article  MATH  MathSciNet  Google Scholar 

  41. Sobh TS, Mostafa WM (2011) A cooperative immunological approach for detecting network anomaly. Appl Soft Comput 11:1275–1283

    Article  Google Scholar 

  42. Kolias C, Kambourakis G, Maragoudakis M (2011) Swarm intelligence in intrusion detection: a survey. Comput Secur 30:625–642

    Article  Google Scholar 

  43. Su M-Y (2011) Real-time anomaly detection systems for denial-of-service attacks by weighted k-nearest-neighbor classifiers. Expert Syst Appl 38:3492–3498

    Article  Google Scholar 

  44. Palmieri F, Fiore U (2010) Network anomaly detection through nonlinear analysis. Comput Secur 29:737–755

    Article  Google Scholar 

  45. Callegari C, Giordano S, Pagano M, Pepe T (2011) Combining sketches and wavelet analysis for multi time-scale network anomaly detection. Comput Secur 30:692–704

    Article  Google Scholar 

  46. Lee SM, Kim DS, Lee JH, Park JS (2012) Detection of DDoS attacks using optimized traffic matrix. Comput Math Appl 63:501–510

    Article  Google Scholar 

  47. Li Y, Guo L, Tian Z-H, Lu T-B (2008) A lightweight web server anomaly detection method based on transductive scheme and genetic algorithms. Comput Commun 31:4018–4025

    Article  Google Scholar 

  48. Qin T, Guan X, Li W, Wang P, Huang Q (2011) Monitoring abnormal network traffic based on blind source separation approach. J Netw Comput Appl 34:1732–1742

    Article  Google Scholar 

  49. Liu X, Wang H, Lai J, Liang Y (2007) Network security situation awareness model based on heterogeneous multi-sensor data fusion. In: The proceedings of the international symposium on computer and information sciences, pp 1–6

  50. Alshammari R, Zincir-Heywood AN (2009) Machine learning based encrypted traffic classification: identifying SSH and skype. In: The proceedings of the IEEE international conference on computational intelligence for security and defense applications, pp 289–296

  51. Cho S-B, Park H-J (2003) Efficient anomaly detection by modeling privilege flows using hidden Markov model. Comput Secur 22:45–55

    Article  Google Scholar 

  52. Braga R, Mota E, Passito A (2010) Lightweight DDOS flooding attack detection using NOX/OpenFlow. In: The proceedings of IEEE conference on local computer networks, pp 408–415

  53. Dai L, Chen Y, Yun X (2007) Optimizing IP flow classification using feature selection. In: The proceedings of the international conference on parallel and distributed computing, applications and technologies, pp 39–45

  54. Li X, Deng Z-H (2010) Mining frequent patterns from network flows for monitoring network. Expert Syst Appl 37:8850–8860

    Article  Google Scholar 

  55. Shahrestani A, Feily M, Ahmad R, Ramadass S (2009) Architecture for applying data mining and visualization on network flow for botnet traffic detection. In: The proceedings of the international conference on computer technology and development, pp 33–37

  56. Barford P, Plonka D (2001) Characteristics of network traffic flow anomalies. In: The proceedings of the ACM SIGCOMM workshop on Internet measurement, pp 69–73

  57. Chapple MJ, Wright TE, Winding RM (2006) Flow anomaly detection in firewalled networks. In: The proceedings of the securecomm and workshops, pp 1–6

  58. Muraleedharan N, Parmar A, Kumar M (2010) A flow based anomaly detection system using Chi square technique. In: The proceedings of the IEEE international conference on advance computing, pp 285–289

  59. RoyChowdhury P, Shukla KK (2003) Incorporating fuzzy concepts along with dynamic tunneling for fast and robust training of multilayer perceptrons. Neurocomputing 50:319–340

    Article  MATH  Google Scholar 

  60. Montana DJ, Davis L (1989) Training feed forward neural networks using genetic algorithms. Mach Learn 1:762–767

    Google Scholar 

  61. Zhao Q, Higuchi T (1996) Efficient learning of NN-MLP based on individual evolutionary algorithm. Neurocomputing 13:201–215

    Article  Google Scholar 

  62. Sexton RS, Dorsey RE (2000) Reliable classification using neural network: a genetic algorithm and back propagation computation. Decis Support Syst 30:11–22

    Article  Google Scholar 

  63. Castellani M, Rowlands H (2009) Evolutionary artificial neural network design and training for wood veneer classification. Eng Appl Artif Intell 22:732–741

    Article  Google Scholar 

  64. Marwala T (2007) Bayesian training of neural networks using genetic programming. Pattern Recogn Lett 28:1452–1458

    Article  Google Scholar 

  65. Amato S, Apolloni B, Caporali G, Madesani U, Zanaboni A (1991) Simulated annealing approach in backpropagation. Neurocomputing 3:207–220

    Article  Google Scholar 

  66. Pasti R, De Castro LN (2007) The influence of diversity in an immune-based algorithm to train MLP networks. In: The proceedings of the international conference on artificial immune systems, pp 71–82

  67. Marcio C, Teresa BL (2006) An analysis of PSO hybrid algorithms for feed-forward neural networks training. In: The proceedings of the Brazilian symposium on neural networks, pp 2–7

  68. Ince T, Kiranyaz S, Pulkkinen J, Gabbouj M (2010) Evaluation of global and local training techniques over feed-forward neural network architecture spaces for computer-aided medical diagnosis. Expert Syst Appl 37:8450–8461

    Article  Google Scholar 

  69. Pian Z, Li S, Zhang H, Zhang N (2012) The application of the PSO based BP network in short-term load forecasting. Phys Procedia 24:626–632

    Article  Google Scholar 

  70. Yu J, Wang S, Xi L (2008) Evolving artificial neural networks using an improved PSO and DPSO. Neurocomputing 71:1054–1060

    Article  Google Scholar 

  71. Cavuslu MA, Karakuzu C, Karakaya F (2012) Neural identification of dynamic systems on FPGA with improved PSO learning. Appl Soft Comput 12:2707–2718

    Article  Google Scholar 

  72. Shen W, Guo X, Wu C, Wu D (2011) Forecasting stock indices using radial basis function neural networks optimized by artificial swarm algorithm. Knowl Based Syst 24:378–385

    Article  Google Scholar 

  73. Kulluk S, Ozbakir L, Baykasoglu A (2012) Training neural networks with harmony search algorithms for classification problems. Eng Appl Artif Intell 25:11–19

    Article  Google Scholar 

  74. Mirjalili SA, Mohd Hashim SZ, Moradian Sardroudi H (2012) Training feedforward neural networks using hybrid particle swarm optimization and gravitational search algorithm. Appl Math Comput 218:11125–11137

    Article  MATH  MathSciNet  Google Scholar 

  75. Wang D, Lu W-Z (2006) Forecasting of ozone level in time series using MLP model with a novel hybrid training algorithm. Atmos Environ 40:913–924

    Article  Google Scholar 

  76. Zhang JR, Zhang J, Lok TM, Lyu MR (2007) A hybrid particle swarm optimization-back propagation algorithm for feedforward neural network training. Appl Math Comput 185:1026–1037

    Article  MATH  Google Scholar 

  77. Leung SYS, Tang Y, Wong WK (2012) A hybrid particle swarm optimization and its application in neural networks. Exp Syst Appl 39:395–405

    Article  Google Scholar 

  78. Bahrololoum A, Nezamabadi-pour H, Bahrololoum H, Saeed M (2012) A prototype classifier based on gravitational search algorithm. Appl Soft Comput 12:819–825

    Article  Google Scholar 

  79. Ou C, Lin W (2006) Comparison between PSO and GA for parameters optimization of PID controller. In: The proceedings of the IEEE international conference on mechatronics and automation, pp 2471–2475

  80. Rashedi E, Nezamabadi-pour H, Saryazdi S (2009) GSA: a gravitational search algorithm. Inf Sci 179:2232–2248

    Article  MATH  Google Scholar 

  81. Nguyen HA, Tam Van Nguyen T, Kim DI, Choi D (2008) Network traffic anomalies detection and identification with flow monitoring. In: The proceedings of the IFIP international conference on wireless and optical communications networks, pp 1–5

  82. Chang S, Qiu X, Gao Z, Liu K, Qi F (2010) A flow-based anomaly detection method using sketch and combinations of traffic features. In: The proceedings of the international conference on network and service management, pp 302–305

  83. Li Z, Gao Y, Chen Y (2010) HiFIND: a high-speed flow-level intrusion detection approach with DoS resiliency. Comput Netw 54:1282–1299

    Article  MATH  Google Scholar 

  84. Gao Y, Li Z, Chen Y (2006) A DoS resilient flow-level intrusion detection approach for high-speed networks. In: The proceedings of the IEEE international conference on distributed computing systems, pp 39–46

  85. Sui S, Li l, Manikopoulo CN (2006) Flow-based statistical aggregation schemes for network anomaly detection. In: The proceedings of the IEEE international conference on networking, sensing and control, pp 786–791

  86. Choi H, Lee H, Kim H (2009) Fast detection and visualization of network attacks on parallel coordinates. Comput Secur 28:276–288

    Article  Google Scholar 

  87. Soysal M, Schmidt EG (2010) Machine learning algorithms for accurate flow-based network traffic classification: evaluation and comparison. Perform Evaluat 67:451–467

    Article  Google Scholar 

  88. Chen Y, Dai L, Cheng X-Q (2008) GATS-C4.5: an algorithm for optimizing features in flow classification. In: The proceedings of the IEEE international conference on consumer communications and networking, pp 466–470

  89. Wang HF, Wu KY (2004) Hybrid genetic algorithm for optimization problems with permutation property. Comput Oper Res 31:2453–2471

    Article  MATH  MathSciNet  Google Scholar 

  90. Andre J, Siarry P, Dognon T (2001) An improvement of the standard genetic algorithm fighting premature convergence in continuous optimization. Adv Eng Softw 32:49–60

    Article  Google Scholar 

  91. Poon PW, Carter JN (1995) Genetic algorithm crossover operations for ordering applications. Comput Oper Res 22:135–147

    Article  MATH  Google Scholar 

  92. Wen X, Song A (2003) An improved genetic algorithm for planar and spatial straightness error evaluation. Int J Mach Tools Manuf 43:1157–1162

    Article  Google Scholar 

  93. Ye Z, Li Z, Xie M (2010) Some improvements on adaptive genetic algorithms for reliability-related applications. Reliab Eng Syst Saf 95:120–126

    Article  Google Scholar 

  94. Jiang Y, Hu T, Huang C, Wu X (2007) An improved particle swarm optimization algorithm. Appl Math Comput 193:231–239

    Article  MATH  Google Scholar 

  95. Baskar G, Mohan MR (2009) Contingency constrained economic load dispatch using improved particle swarm optimization for security enhancement. Electric Power Syst Res 79:615–621

    Article  Google Scholar 

  96. Arumugam MS, Rao MVC (2008) On the improved performances of the particle swarm optimization algorithms with adaptive parameters, cross-over operators and root mean square (RMS) variants for computing optimal control of a class of hybrid systems. Appl Soft Comput 8:324–336

    Article  Google Scholar 

  97. Lin H-C, Chen C-M, Tzeng J-Y (2009) Flow based botnet detection. In: The proceedings of the international conference on innovative computing, information and control, pp 1538–1541

  98. Lee M, Shon T, Cho K, Chung M, Seo J, Moon J (2007) An approach for classifying internet worms based on temporal behaviors and packet flows. In: The proceedings of the international conference on intelligent computing, pp 646–655

  99. Sperotto A, Sadre R, van Vilet F, Pras A (2009) A labeled data set for flow-based intrusion detection. Lect Notes Comput Sci 5843:39–50

    Article  Google Scholar 

  100. Case J, Fedor M, Schoffstall M, Davin J (1990) Simple network management protocol (SNMP). RFC 1157. www.ietf.org/rfc/rfc1157.txt

  101. Conta Transwitch A, Deering S (2006) Internet control message protocol (ICMPv6) for the Internet protocol version 6 (IPv6) specification. RFC 4443. tools.ietf.org/html/rfc4443

  102. Richardson M, Fenner B (1999) tcpdump packet analyzer. http://www.tcpdump.org

  103. Cisco Systems (2011) NetFlow services solutions guide. http://www.cisco.com

  104. Cisco Systems (2008) Cisco IOS NetFlow configuration guide, release 12.4. http://www.cisco.com

  105. Claise B (2008) Cisco systems NetFlow services export version 9. RFC 3954 (Informational). http://www.ietf.org/rfc/rfc3954.txt

  106. Claise B (2008) Specification of the IP flow information export (IPFIX) protocol for the exchange of IP traffic flow information. RFC 5101. http://www.ietf.org/rfc/rfc5101.txt

  107. Quittek J, Zseby T, Claise B, Zander S (2008) Requirements for IP flow information export (IPFIX). RFC 3917 (Informational). http://www.ietf.org/rfc/rfc3917.txt

  108. Song S, Chen Z (2007) Adaptive network flow clustering. In: The proceedings of the IEEE international conference on networking, sensing and control, pp 596–601

  109. Pouget F, Dacier M (2004) Honeypot-based forensics. In: The proceedings of the Asia Pacific information technology security conference, pp 1–15

  110. Dressler F, Munz G (2006) Flexible flow aggregation for adaptive network monitoring. In: The proceedings of the IEEE international conference on local computer networks, pp 702–709

  111. Ylonen T (2006) The secure shell (SSH) protocol architecture. http://www.ietf.org/rfc/rfc4251.txt

  112. Ramakrishnan K, Floyd S, Black D (2001) The addition of explicit congestion notification (ECN) to IP. RFC 3168. http://www.ietf.org/rfc/rfc3168.txt

  113. Sarafrazi S, Nezamabadi-pour H, Saryazdi S (2011) Disruption: a new operator in gravitational search algorithm. Sci Iranica D 18:539–548

    Article  Google Scholar 

  114. Harwit M (1998) The astrophysical concepts, 3rd edn. Springer, New York

    Book  Google Scholar 

  115. Kennedy J, Eberhart R (1995) Particle swarm optimization. In: The proceedings of the IEEE international conference on neural networks, vol 4, pp 1942–1948

  116. Shi Y, Eberhart R (1998) Parameter selection in particle swarm optimization. In: The proceedings of international conference on evolutionary programming, pp 591–601

  117. Maloof MA (2005) Machine learning and data mining for computer security: methods and applications. Springer, New York

    Google Scholar 

  118. Shiravi A, Shiravi H, Tavallaee M, Ghorbani AA (2012) Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput Secur 31:357–374

    Article  Google Scholar 

  119. Lei JZ, Ghorbani AA (2012) Improved competitive learning neural networks for network intrusion and fraud detection. Neurocomputing 75:135–145

    Article  Google Scholar 

  120. Perdisci R, Ariu D, Giacinto G (2012) Scalable fine-grained behavioral clustering of HTTP-based malware. Computer networks. Article in press, available online 8 Aug 2012. doi:10.1016/j.comnet.2012.06.022

Download references

Author information

Authors and Affiliations

  1. Electrical Engineering Department, Engineering Faculty, Islamic Azad University, South Tehran Branch, P.O. Box: 11365-4435, Tehran, Iran

    Mansour Sheikhan & Zahra Jadidi

Authors
  1. Mansour Sheikhan
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Zahra Jadidi
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Mansour Sheikhan.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Sheikhan, M., Jadidi, Z. Flow-based anomaly detection in high-speed links using modified GSA-optimized neural network. Neural Comput & Applic 24, 599–611 (2014). https://doi.org/10.1007/s00521-012-1263-0

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00521-012-1263-0

Keywords