FUSION OF RECIRCULATION NEURAL NETWORKS FOR REAL-TIME NETWORK INTRUSION DETECTION AND RECOGNITION
DOI:
https://doi.org/10.47839/ijc.11.4.581Keywords:
Intrusion detection, classification, artificial neural networks.Abstract
Intrusion detection system is one of the essential security tools of modern information systems. Continuous development of new types of attacks re quires the development of intelligent approaches for intrusion detection capable to detect newest attacks. We present recirculation neural network based approach which lets to detect previously unseen attack types in real-time mode and to further correct recognition of this types. In this paper we use recirculation neural networks as an anomaly detector as well as a misuse detector, ensemble of anomaly and misuse detectors, fusion of several detectors for correct detection and recognition of attack types. The experiments held on both KDD’99 data and real network traffic data show promising results.References
CSI Computer Crime and Security Survey 2010 [Electronic resource] Mode of access: http://gocsi.com/survey. – Date of access: 11.01.2011.
Proposal for a Regulation of the European Parliament and Council concerning the European Network and Information Security Agency (ENISA) [Electronic resource] Mode of access: http://ec.europa.eu/governance/impact/ia_carried_out/docs/ia_2010/sec_2010_1126_en.pdf. – Date of access: 11.01.2011.
J. Beale and Caswell. Snort 2.1. Intrusion Detection. – 2-nd ed. – Syngress Publishing, Inc. 2004.
Prelude SIEM. [Electronic resource] Mode of access: http://www.prelude-technologies.com/en/welcome/index.html. – Date of access: 12.01.2011.
Cisco Intrusion Detection [Electronic resource] Mode of access: http://www.cisco.com/warp/public/cc/pd/sqsw/sqidsz/index.shtml. Date of access: 12.01.2011.
Bro Intrusion Detection System [Electronic resource] Mode of access: http://www.bro-ids.org/. Date of access: 12.01.2011.
J. Frank, Artificial intelligence and intrusion detection: Current and future directions, The 17th National Computer Security Conference, Baltimore, MD, 1999 / National Institute of Standards and Technology (NIST). – 1999.
C. Srilatha, A. Ajith, Th. Johnson, Feature deduction and ensemble design of intrusion detection systems, Computers & Security, (24) (2005), pp. 295-307.
T.D. Lane, Machine Learning Techniques for the Computer Security Domain of Anomaly Detection, Ph. D. Thesis, Purdue Univ., West Lafayette, IN, 2000.
J.E. Dickerson, J.A. Dickerson, Fuzzy intrusion detection, IFSA World Congress and 20th North American Fuzzy Information Processing Society (NAFIPS) International Conf.: proceedings, Vancouver, Canada, July, 2001. – North American Fuzzy Information Processing Society (NAFIPS), (Vol. 3), (2001), pp. 1506-1510.
S.A. Hofmeyr, S. Fo, Immunizing computer networks: Getting all the machines in your network to fight the hacker disease, The 1999 IEEE Symp. on Security and Privacy: proceedings, Oakland, CA, 1999. – IEEE Computer Society Press, 1999.
E. Eskin, A geometric framework for unsupervised anomaly detection: Detecting intrusions in unlabeled data, Data Mining for Security Applications; Eds.: D. Barbar, S. Jajodia, Boston, Kluwer Academic Publishers, 2002.
A. Iftikhar, A. Azween, A. Alghamdi, Towards the selection of best neural network system for intrusion detection, International Journal of the Physical Sciences, (5) 12 (2010), pp. 1830-1839.
A. Ali, A. Saleh, T. Badawy, Intelligent adaptive intrusion detection systems using neural networks (comparative study), International Journal of Video & Image Processing and Network Security, (10) 1 (2010).
M. Pradhan, S.K. Pradhan, S.K. Sahu, Anomaly detection using artificial neural network, International Journal of Engineering Sciences & Emerging Technologies, (2) 1 (2012), pp. 29-36.
Kh. Al-Nafjan, M.A. Al-Hussein, A.S. Alghamdi, M. Amanul Haque, and I. Ahmad, Intrusion detection using PCA based modular neural network, International Journal of Machine Learning and Computing, (2) 5 (2012), pp. 583-587.
A. Jahanbani, H. Karimi, A new Approach for detecting intrusions based on the PCA neural networks, Journal of Basic and Applied Scientific Research, (2) 1 (2012), pp. 672-679.
G. Liu, Z. Yi, S. Yang, A hierarchical intrusion detection model based on the PCA neural networks, Neurocomputing, 2007.
L.O. Anyanwu, L. Keengwe, G.A. Arome, Scalable intrusion detection with recurrent neural networks, International Journal of Multimedia and Ubiquitos Engineering, (6) 1 (2011).
H.G. Kayacik, A.N. Zincir-Heywood, M. Heywood, A hierarchical SOM-based intrusion detection system, Engineering Applications of Artificial Intelligence, 9 (2006), pp. 439-451.
G. Liu, Z. Yi, S. Yang, A hierarchical intrusion detection model based on the PCA neural networks, Neurocomputing, 2007, pp. 1561-1568.
T. Novosad, J. Platos, V. Snasel, A. Ajith, Fast intrusion detection system based on flexible neural tree, proceedings of Sixth International Conference on Information Assurance and Security (IAS), USA, 2010, pp. 142-147.
G. Wang, J. Hao, J. Ma, L. Huang, A new approach to intrusion detection using Artificial Neural Networks and fuzzy clastering, Expert Systems with Applications, (2) (2010).
M.J. Muna, M. Mehrotra, Design network intrusion detection system usin hybrid fuzzy-neural network, International Journal of Computer Science and Security, (4) 3 (2010), pp. 258-294.
A. Yousef, Z. Jovanovic, Flow-based anomaly intrusion detection system using neural network, Proceedings of International Conference on Internet Computing, Informatics in E-Business and applied Computing (ICIEACS 2012), Bur Dubai, UAE, 2012.
KDD Cup’99 Competition, 1999, http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
G. Giacinto, F. Roli, L. Didaci, Fusion of multiple classifiers for intrusion detection in computer networks, Pattern Recognition Letters, 24, 2003, pp. 1795-180.
S. Saravanakumar, Umamahchwari, D. Jayalakshmi, R. Sugumar, Development and implementation of artificial neural networks for intrusion detection in computer network, International Journal of Computer Science and Network Security, (10) 7 (2010).
P. Kachurka, V. Golovko, Neural network approach to real-time network intrusion detection and recognition, Proceedings of The 6th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, (15-17 September 2011), Prague, 2011, pp. 393-397.
Downloads
Published
How to Cite
Issue
Section
License
International Journal of Computing is an open access journal. Authors who publish with this journal agree to the following terms:• Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
• Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
• Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.