Intrusion Detection System Based on a Cooperative Topology Preserving Method
This work describes ongoing multidisciplinary research that aims to analyse and apply connectionist architectures to the field of computer security. In this paper, we present a novel approach to Intrusion Detection Systems (IDS) based on an unsupervised connectionist model used as a method for classifying data. In this case, it is used to analyse the traffic travelling along the network under analysis, detecting anomalous traffic patterns related to SNMP (Simple Network Management Protocol). Once the data has been collected and pre-processed, we use a novel connectionist topology preserving model to analyse the traffic data. The model is an extension of the negative feedback network, characterised by the use of lateral connections on the output layer. These lateral connections have been derived from the Rectified Gaussian distribution.