Abstract
This paper reviews one nonlinear and two linear projection architectures, in the context of a comparative study, which are used as either alternative or complementary tools in the identification and analysis of anomalous situations by Intrusion Detection Systems (IDSs). Three neural projection models are empirically compared, using real traffic data sets in an IDS framework. The specific multivariate data analysis techniques that drive these models are able to identify different factors or components by studying higher order statistics - variance and kurtosis - in order to display the most interesting projections or dimensions. Our research describes how a network manager is able to diagnose anomalous behaviour in data traffic through visual projection of network traffic. We also emphasize the importance of the time-dependent variable in the application of these projection methods.
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Herrero, Á., Corchado, E., Gastaldo, P., Zunino, R. (2007). A Comparison of Neural Projection Techniques Applied to Intrusion Detection Systems. In: Sandoval, F., Prieto, A., Cabestany, J., Graña, M. (eds) Computational and Ambient Intelligence. IWANN 2007. Lecture Notes in Computer Science, vol 4507. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73007-1_138
DOI: https://doi.org/10.1007/978-3-540-73007-1_138
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-73006-4
Online ISBN: 978-3-540-73007-1
eBook Packages: Computer Science (R0)