Detecting Anomalous Traffic Using Statistical Discriminator and Neural Decisional Motor

Authors:
Paola Baldassarri;Anna Montesanto;Paolo Puliti
Affiliations:
Dipartimento di Elettronica Intelligenza Artificiale e Telecomunicazioni, Università Politecnica delle Marche, Ancona, Italy;Dipartimento di Elettronica Intelligenza Artificiale e Telecomunicazioni, Università Politecnica delle Marche, Ancona, Italy;Dipartimento di Elettronica Intelligenza Artificiale e Telecomunicazioni, Università Politecnica delle Marche, Ancona, Italy
Venue:
IWINAC '07 Proceedings of the 2nd international work-conference on The Interplay Between Natural and Artificial Computation, Part I: Bio-inspired Modeling of Cognitive Tasks
Year:
2007

Citing 3
Cited 0

Self-Organizing Maps

Self-Organizing Maps
NetSTAT: A Network-Based Intrusion Detection Approach

ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Detecting Anomalous and Unknown Intrusions Against Programs

ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

One of the main challenges in the information security concerns the introduction of systems able to identify intrusions. In this ambit this work takes place describing a new Intrusion Detection System based on anomaly approach. We realized a system with a hybrid solution between host-based and network-based approaches, and it consisted of two subsystems: a statistical system and a neural one. The features extracted from the network traffic belong only to the IP Header and their trend allows us detecting through a simple visual inspection if an attack occurred. Really the two-tier neural system has to indicate the status of the system. It classifies the traffic of the monitored host, distinguishing the background traffic from the anomalous one. Besides, a very important aspect is that the system is able to classify different instances of the same attack in the same class, establishing which attack occurs.