The work presented in this paper shows the capability of a connectionist model, based on a statistical technique called Exploratory Projection Pursuit (EPP), to identify anomalous situations in the traffic travelling along a computer network. The main novelty of this research lies in the fact that the connectionist architecture used here has never been applied to the field of IDS (Intrusion Detection Systems) and network security. The IDS presented is used as a method to investigate the traffic travelling along the analysed network, detecting anomalous SNMP (Simple Network Management Protocol) traffic patterns. In this paper we focus on the study of two interesting and dangerous anomalous situations: a port sweep and a MIB (Management Information Base) information transfer. The presented IDS is a useful visualization tool for network administrators to study anomalous situations related to SNMP and decide whether they are intrusions. To show the power of the method, we illustrate our research using real data sets specific to intrusion detection scenarios.