EC2ND 2005 pp 187-196 | Cite as

Detecting and Classifying Attacks in Computer Networks Using Feed-Forward and Elman Neural Networks

  • V. Alarcon-Aquino
  • J. A. Mejia-Sanchez
  • R. Rosas-Romero
  • J. F. Ramirez-Cruz
Conference paper


In this paper, we present an approach for detecting and classifying attacks in computer networks by using neural networks. Specifically, a design of an intruder detection system is presented to protect the hypertext transfer protocol (HTTP). We propose the use of an application-based model using neural networks to model properly non-linear data. The benefit of this perspective is to work directly on the causes of an attack, which are determined directly by the commands used in the protected application. The intruder detection system is designed by defining three different neural networks, which include two multi-layer feed-forward networks and the Elman recurrent network. The results reported in this paper show that the Elman recurrent network achieved a performance around ninety percent of good detection, which demonstrates the reliability of the designed system to detect and classify attacks in high-level network protocols.


Intrusion Detection Neural networks HTTP protocol 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    M. Beale, and H. Demuth, Neural Network Toolbox, Math Works, Inc. Massachusetts, USA, (2003).Google Scholar
  2. [2]
    C. Bishop, Neural Networks for Pattern Recognition. Oxford University Press, Nueva York, USA, (1995).Google Scholar
  3. [3]
    A. Bivens, C. Palagiri, R. Smith, B. Szymanski, and M. Embrechts, Network-Based Intrusion Detection Using Neural Networks, Intelligent Engineering Systems through Artificial Neural Networks, Proc. of ANNIE-2002, vol. 12, ASME Press, New York, (2002) pp. 579–584.Google Scholar
  4. [4]
    S. Haykin S., Neural Networks: A Comprehensive Foundation, McMMillan, New York, (1994).MATHGoogle Scholar
  5. [5]
    C. Manikopoulos, C. and S. Papavassiliou, Network Intrusion and Fault Detection: A Statistical Anomaly Approach, IEEE Communications Magazine, October (2002) pp. 76–82.Google Scholar
  6. [6]
    T. Masters, Practical Neural Network Recipes in C++, Academic Press, Inc. California, USA, (1993).Google Scholar
  7. [7]
    J. A. Mejia-Sanchez, Detección de Intrusos en Redes de Comunicaciones Utilizando Redes Neuronales, Department of Electrical and Electronic Engineering, Universidad de las Américas Puebla, Mexico, May (2004).Google Scholar
  8. [8]
    B. Mukherjee, L. T. Heberlein, and K. N. Levitt. Network Intrusion Detection, IEEE Net-work, May/June (1994).Google Scholar
  9. [9]
    J. P. Planquart, Application of Neural Networks to Intrusion Detection, SANS Institute, July (2001).Google Scholar
  10. [10]
    N. Pongratz, Application of Neural Networks to Recognize Computer Identity Hijacking, University of Wisconsin, (2001).Google Scholar
  11. [11]
    E. Torres, Immunologic System for intrusion detection at http protocol level, Department of Systems Engineering, Pontificia Universidad Javeriana, Colombia, May (2003).Google Scholar
  12. [12]
    S21SEC, Google Scholar
  13. [13]
    L. de Sa Silva, A. C. Ferrari dos Santos, J. D. S. Da Silva, A. Montes., A Neural Network Application for Attack Detection in Computer Networks, IEEE International Joint Conference on Neural Networks, Vol. 2, July (2004) pp. 1569–1574.Google Scholar
  14. [14]
    X. Jing-Sheng, S. Ji-Zhou, Z. Xu., Recurrent Network in Network Intrusion Detection System, IEEE International Conference on Machine Learning and Cybernetics, Vol. 5 August (2004) pp. 2676–2679.Google Scholar
  15. [15]
    Y. Bai, and H. Kobayashi, Intrusion Detection Systems: Technology and Development, IEEE International Conference on Advanced Information Networking and Application (AINA’ 03), (2003)Google Scholar

Copyright information

© Springer-Verlag London Limited 2006

Authors and Affiliations

  • V. Alarcon-Aquino
    • 1
  • J. A. Mejia-Sanchez
    • 1
  • R. Rosas-Romero
    • 1
  • J. F. Ramirez-Cruz
    • 2
  1. 1.Department of Electrical and Electronic Engineering Communication and Signal Processing Group, CENTIAUniversidad de las Américas-PueblaCholula, PueblaMexico
  2. 2.Department of Computer ScienceInstituto Tecnologico de ApizacoTlaxcalaMexico

Personalised recommendations