An Efficient Parzen-Window Based Network Intrusion Detector Using a Pattern Synthesis Technique

  • P. Viswanath
  • M. Narasimha Murty
  • Satish Kambala
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3776)

Abstract

The problem of detecting anomalous network connections caused by intrusion activities is called Network intrusion detection. Conventional classification methods use data from both normal and intrusion classes to build the classifiers. However, intrusion data are usually scarce and difficult to collect. Novelty detection approach overcomes this problem which depends only on normal data. For this purpose, nonparametric density estimation approaches based on Parzen-window estimators are proposed earlier. Two fundamental problems faced are, (i) due to curse of dimensionality, for high dimensional data with a limited training set, the estimation can be biased and (ii) high computational requirements. We propose, (i) a novel pattern synthesis technique to synthesize artificial new training patterns to increase the training set size and thus to reduce the curse of dimensionality effect, and (ii) a compact data representation scheme to store the entire synthetic set to reduce the computational costs. The effectiveness of our methods are experimentally demonstrated.

References

  1. 1.
    Lippmann, R., Cunningham, R.: Improving intrusion detection performance using keyword selection and neural networks. Computer Networks 34, 579–603 (2000)CrossRefGoogle Scholar
  2. 2.
    Lee, W., Xiang, D.: Information-theoretic measures for anomaly detection. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 130–143 (2001)Google Scholar
  3. 3.
    Yeung, D.Y., Chow, C.: Parzen-window network intrusion detectors. In: Proceedings of the 16th International Conference on Pattern Recognition, vol. 4, pp. 385–388 (2002)Google Scholar
  4. 4.
    Parzen, E.: On estimation of a probability density function and mode. Annals of Mathematical Statistics 33, 1065–1076 (1962)MATHCrossRefMathSciNetGoogle Scholar
  5. 5.
    Ananthanarayana, V., Murty, M., Subramanian, D.: An incremental data mining algorithm for compact realization of prototypes. Pattern Recognition 34, 2249–2251 (2001)MATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • P. Viswanath
    • 1
  • M. Narasimha Murty
    • 2
  • Satish Kambala
    • 3
  1. 1.Dept. of CSEIIT-GuwahatiGuwahatiIndia
  2. 2.Dept. of CSAIIScBangaloreIndia
  3. 3.Dept. of CSENITTiruchirapalliIndia

Personalised recommendations