UNITED STATES
Self Organizing Maps to Build Intrusion Detection System
|
10.5120/191-328 |
Vivek A Patole, V K Pachghare and Parag Kulkarni. Article: Self Organizing Maps to Build Intrusion Detection System. International Journal of Computer Applications 1(7):1–4, February 2010. Published By Foundation of Computer Science. BibTeX
@article{key:article,
author = {Vivek A. Patole and V. K. Pachghare and Parag Kulkarni},
title = {Article: Self Organizing Maps to Build Intrusion Detection System},
journal = {International Journal of Computer Applications},
year = {2010},
volume = {1},
number = {7},
pages = {1--4},
month = {February},
note = {Published By Foundation of Computer Science}
}
Abstract
With the rapid expansion of computer usage and computer network the security of the computer system has became very important. Every day new kind of attacks are being faced by industries. Many methods have been proposed for the development of intrusion detection system using artificial intelligence technique. In this paper we will have a look at an algorithm based on neural networks that are suitable for Intrusion Detection Systems (IDS) [1] [2]. The name of this algorithm is “Self Organizing Maps” (SOM). Neural networks method is a promising technique which has been used in many classification problems. The neural network component will implement the neural approach, which is based on the assumption that each user is unique and leaves a unique footprint on a computer system when using it. If a user’s footprint does not match his/her reference footprint based on normal system activities, the system administrator or security officer can be alerted to a possible security breach. At the end of the paper we will figure out the advantages and disadvantages of Self Organizing Maps and explain how it is useful for building an Intrusion Detection System.
Reference
- Damiano Bolzoni, Sandro Etalle, Pieter H. Hartel, and Emmanuele Zambon. Poseidon: a 2-tier anomaly-based network intrusion detection system. In Proceedings of the 4th IEEE International Workshop on Information Assurance, 13-14 April 2006, Egham, Surrey, UK, pages 144–156, 2006.
- D. A. Frincke, D. Tobin, J. C. McConnell, J. Marconi, and D. Polla. A framework for cooperative intrusion detection. In Proc. 21st NIST-NCSC National Information Systems Security Conference, pages 361–373, 1998.
- Denning D, “An Intrusion-Detection Model”, IEEE Transactions on Software Engineering, Vol. SE-13, No 2, Feb 1987.
- Simon Haykin, “Neural Networks: A Comprehensive Foundation”, Prentice Hall, 2nd edition, 1999.
- Kohonen, T, “Self-Organizing Maps”, Springer Series in Information Sciences. Berlin, Heidelberg: Springer. 1997.
- P. Lichodzijewski, A. Zincir-Heywood, and M. Heywood. “Dynamic intrusion detection using self organizing maps”, 2002.
- McHugh, J.: Testing intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by lincoln laboratory. ACM Trans. on Information and System Security 3 (2000) 262–294.
- Wenke Lee and Salvatore J. Stolfo, “A framework for constructing features and models for intrusion detection systems”, ACM Trans. Inf. Syst. Secur., 3(4):227–261, 2000.
- Rhodes, B., Mahaffey, J., Cannady, J., “Multiple Self-Organizing Maps for Intrusion Systems”
- Bishop, C. M, “Neural Networks for Pattern Recognition”, Oxford: Clarendon-Press, 1996.
- Lane, T., and Brodley, C. E. 1999. Temporal sequence learning and data reduction for anomaly detection. ACM Transactions on Information and System Security 2(3):295—331.
