Fusion of multiple classifiers for intrusion detection in computer networks
Pattern Recognition Letters
Intrusion detection using hierarchical neural networks
Pattern Recognition Letters
A parallel genetic local search algorithm for intrusion detection in computer networks
Engineering Applications of Artificial Intelligence
Processing of massive audit data streams for real-time anomaly intrusion detection
Computer Communications
Ensemble of classifiers for detecting network intrusion
Proceedings of the International Conference on Advances in Computing, Communication and Control
Artificial neural network approaches to intrusion detection: a review
TELE-INFO'09 Proceedings of the 8th Wseas international conference on Telecommunications and informatics
Review: The use of computational intelligence in intrusion detection systems: A review
Applied Soft Computing
A modular multiple classifier system for the detection of intrusions in computer networks
MCS'03 Proceedings of the 4th international conference on Multiple classifier systems
Intrusion detection in computer networks with neural and fuzzy classifiers
ICANN/ICONIP'03 Proceedings of the 2003 joint international conference on Artificial neural networks and neural information processing
Application classification through monitoring and learning of resource consumption patterns
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
A cryptographic scheme based on neural networks
ICCOM'06 Proceedings of the 10th WSEAS international conference on Communications
Resource awareness in computational intelligence
International Journal of Advanced Intelligence Paradigms
A neural model in intrusion detection systems
ICANN'06 Proceedings of the 16th international conference on Artificial Neural Networks - Volume Part II
ICAPR'05 Proceedings of the Third international conference on Pattern Recognition and Image Analysis - Volume Part II
A hybrid neural network approach to the classification of novel attacks for intrusion detection
ISPA'05 Proceedings of the Third international conference on Parallel and Distributed Processing and Applications
A novel intrusions detection method based on HMM embedded neural network
ICNC'05 Proceedings of the First international conference on Advances in Natural Computation - Volume Part I
ICIAP'05 Proceedings of the 13th international conference on Image Analysis and Processing
A survey on fraud and service misuse in voice over IP (VoIP) networks
Information Security Tech. Report
The Journal of Supercomputing
Information Sciences: an International Journal
| Hi-index | 0.00 |
While many commercial intrusion detection systems (IDS) are deployed, the protection they afford is modest. State-of-the-art IDS produce voluminous alerts, most false alarms, and function mainly by recognizing the signatures of known attacks so that novel attacks slip past them. Attempts have been made to create systems that recognize the signature of “normal,” in the hope that they will then detect attacks, known or novel. These systems are often confounded by the extreme variability of nominal behavior. The paper describes an experiment with an IDS composed of a hierarchy of neural networks (NN) that functions as a true anomaly detector. This result is achieved by monitoring selected areas of network behavior, such as protocols, that are predictable in advance. While this does not cover the entire attack space, a considerable number of attacks are carried out by violating the expectations of the protocol/operating system designer. Within this focus, the NNs are trained using data that spans the entire normal space. These detectors are able to recognize attacks that were not specifically presented during training. We show that using small detectors in a hierarchy gives a better result than a single large detector. Some techniques can be used not only to detect anomalies, but to distinguish among them