Applying soft computing techniques to intrusion detection

Authors: Jugal K. Kalita, Lori L. Delooze

Abstract: As more computers are integrated into the Internet, the threat of computer crimes increases and it becomes much more difficult and challenging to predict and prevent attacks and malicious intrusions. We apply the soft computing techniques of artificial neural networks, evolutionary computing and fuzzy logic to produce an effective Intrusion Detection System (IDS) to classify attacks by type and to characterize the connection according to its behavior. We created an ensemble of Self-Organizing Maps (SOM), one for each of the four major attack families: Denial of Service, Probe, Remote to Local and User to Root. A genetic algorithm determined the best possible feature set for the input vectors of the SOMs. After labeling the neurons in the SOM, we formed a "buffer zone" around them. The SOMs detected attacks as well as or better than any system in the original Knowledge Data Discovery 1999 Competition. The buffer zone that surrounds the nodes can be used for two purposes. First, neighbourhood associated connections either "attack-like" normal "normal-like" connections. Each connection will have a value from 0 to 1 for each SOM in the collection. This additional information is very valuable to the analyst when considering a wide range of responsive actions. Second, removing amplify contrast between other weights remaining after removed create reduced rule describes classification type. found rules which they were derived, with significantly lower false alarm rate.
