SOM-based anomaly intrusion detection system

  • Authors:
  • Chun-Dong Wang;He-Feng Yu;Huai-Bin Wang;Kai Liu

  • Affiliations:
  • School of Computer Science and Technology, Tianjin University of Technology, Tianjin, China;School of Computer Science and Technology, Tianjin University of Technology, Tianjin, China;School of Computer Science and Technology, Tianjin University of Technology, Tianjin, China;School of Computer Science and Technology, Tianjin University of Technology, Tianjin, China

  • Venue:
  • EUC'07 Proceedings of the 2007 international conference on Embedded and ubiquitous computing
  • Year:
  • 2007

Abstract

In this paper, a SOM-based anomaly intrusion detection system is proposed, which can reduce high-dimensional data to a lower dimension while preserving the primary relationship between clustering and topology. In the experiment, SOM theory is used to train three SOMs, one each for the system, process and network layers. Although our experimental environment is simpler than a real one, the results show that the approach has reference value for building intelligent IDSs. Analysis of the monitoring results on the three layers for the hacking tools (NMAP, HYDRA) suggests that the detection approach and the chosen parameters are correct and effective.