Abstract
In this paper, we review a visual approach and propose it for analysing computer-network activity, which is based on the use of unsupervised connectionist neural network models and does not rely on any previous knowledge of the data being analysed. The presented Intrusion Detection System (IDS) is used as a method to investigate the traffic which travels along the analysed network, detecting SNMP (Simple Network Management Protocol) anomalous traffic patterns. In this paper we have focused our attention on the study of anomalous situations generated by a MIB (Management Information Base) information transfer.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Planquart, J.-P.: Application of Neural Networks to Intrusion Detection. Information Security Reading Room - SANS (SysAdmin, Audit, Network, Security) Institute (2002)
Hätönen, K., Höglund, A., Sorvari, A.: A Computer Host-Based User Anomaly Detection System Using the Self-Organizing Map. In: International Joint Conference of Neural Networks (2000)
Ghosh, A., Schwartzbard, A., Schatz, A.: Learning Program Behavior Profiles for Intrusion Detection. In: Workshop on Intrusion Detection and Network Monitoring (1999)
Debar, H., Becker, M., Siboni, D.: A Neural Network Component for an Intrusion Detection System. In: IEEE Symposium on Research in Computer Security and Privacy (1992)
Corchado, E., Herrero, A., Baruque, B., Saiz, J.M.: Intrusion Detection System Based on a Cooperative Topology Preserving Method. In: International Conference on Adaptive and Natural Computing Algorithms. Springer Computer Science. Springer/Wien, NewYork (2005)
Friedman, J., Tukey, J.: A Projection Pursuit Algorithm for Exploratory Data Analysis. IEEE Transaction on Computers (23), 881–890 (1974)
Hyvärinen, A.: Complexity Pursuit: Separating Interesting Components from Time Series. Neural Computation 13, 883–898 (2001)
Corchado, E., MacDonald, D., Fyfe, C.: Maximum and Minimum Likelihood Hebbian Learning for Exploratory Projection Pursuit. Data Mining and Knowledge Discovery 8(3), 203–225 (2004)
Fyfe, C., Corchado, E.: Maximum Likelihood Hebbian Rules. In: ESANN (2002)
Corchado, E., Han, Y., Fyfe, C.: Structuring Global Responses of Local Filters Using Lateral Connections. JETAI 15(4), 473–487 (2003)
Corchado, E., Fyfe, C.: Connectionist Techniques for the Identification and Suppression of Interfering Underlying Factors. International Journal of Pattern Recognition and Artificial Intelligence 17(8), 1447–1466 (2003)
Seung, H.S., Socci, N.D., Lee, D.: The Rectified Gaussian Distribution. Advances in Neural Information Processing Systems 10, 350 (1998)
Fyfe, C.: A Neural Network for PCA and Beyond. Neural Processing Letters 6 (1996)
Case, J., Fedor, M.S., Schoffstall, M.L., Davin, C.: Simple Network Management (SNMP). RFC-1157 (1990)
Postel, J.: IAB Official Protocol Standards. RFC-1100 (1989)
Oja, E.: Neural Networks, Principal Components and Subspaces. International Journal of Neural Systems 1, 61–68 (1989)
Foster, I., Kesselman, C.: The Grid: Blueprint for a New Computing Infrastructure, 1st edn. Morgan Kaufmann Publishers, San Francisco (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Herrero, Á., Corchado, E., Sáiz, J.M. (2005). An Unsupervised Cooperative Pattern Recognition Model to Identify Anomalous Massive SNMP Data Sending. In: Wang, L., Chen, K., Ong, Y.S. (eds) Advances in Natural Computation. ICNC 2005. Lecture Notes in Computer Science, vol 3610. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11539087_103
Download citation
DOI: https://doi.org/10.1007/11539087_103
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28323-2
Online ISBN: 978-3-540-31853-8
eBook Packages: Computer ScienceComputer Science (R0)