Intrusion Detection and Classification of Attacks in High-Level Network Protocols Using Recurrent Neural Networks
This paper presents an application-based model for classifying and identifying attacks in a communications network and therefore guarantees its safety from HTTP protocol-based malicious commands. The proposed model is based on a recurrent neural network architecture and it is therefore suitable to work online and for analyzing non-linear patterns in real time to self-adjust to changes in its input environment. Three different neural network-based systems have been modelled and simulated for comparison purposes in terms of overall performance: a Feed-forward Neural Network, an Elman Network, and a Recurrent Neural Network. Simulation results show that the latter possesses a greater capacity than either of the others for the correct identification and classification of HTTP attacks, and it also reaches a result at a great speed, its somewhat taxing computing requirements notwithstanding.
Unable to display preview. Download preview PDF.
- R. P. Lippmann, An Introduction to Computing with Neural Nets, in Neural Networks: Theoretical Foundations and Analysis, Edited by Clifford Lau, IEEE Press, 1992.Google Scholar
- C. Lau, Artificial Neural Networks: Paradigms, Applications, and Hardware Implementations. IEEE Press, New Jersey. 1992. pp. 64- 90Google Scholar
- B. Widrow, 30 Years of Adaptative Neural Networks:Perceptron, Madaline, and Backpropagation. Proc. IEEE, Vol. 78. 1990.Google Scholar
- J. A. Anderson, An Introduction to Neural Networks. MIT Press, Cambridge, Massachusetts. 1997. pp. 12 - 52Google Scholar
- S. Haykin, Neural Networks. Prentice Hall, 1998. pp. 274 - 298Google Scholar
- V. Alarcon-Aquino, J.A. Mejía Sánchez, R. Rosas-Romero, J.F. Ramírez-Cruz., Detecting and Classifying Attacks in Computer Networks Using Feed-forward and Elman Neural Networks. Proceedings of the 1st European Conference on Computer Network Defense, EC2ND 2005, Wales, Uk. Springer Verlag 2005.Google Scholar
- E. Torres, Sistema Inmunológico para la Detección de Intrusos a Nivel de Protocolo HTTP. Pontificia Universidad Javeriana, Bogotá, Colombia 2003.Google Scholar
- Digital Security of the Future S21SEC URL http://www.s21sec.com.
- P. Inella, The Evolution of Intrusion Detection Systems, Tetrad Digital Integrity, LLC. EE.UU., 2001. pp. 1 - 15Google Scholar
- M. Embrechts, MetaNeural tm – Hands-on. Rensselaer Polytechnic Institute, Troy NY. 1993. pp. 1- 5, 8 - 13Google Scholar
- J. Willams, D. Zipser, Gradient-Based Learning Algorithm for Recurrent Connectionist Networks. La Jolla, CA Press. California, 1990. pp 1-5Google Scholar
- M. Mak, K. Ku, Y. Lu, On the improvement of the Real-Time Recurrent Learning Algorithm for Recurrent Neural Networks, Department of Electronic Engineering, Hong Kong Polytechnic University, Hong Kong, 1998. pp. 1- 4Google Scholar
- M. Mak, Application of A Fast Real Time Recurrent Learning Algorithm to Text-to-Phoneme Conversion, Department. of Electronic Engineering, Hong Kong Polytechnic University, Hong Kong, 1995. pp. 1- 5Google Scholar
- A. Bivens, C. Palagiri, R. Smith, B. Szymanski, and M. Embrechts, Network-Based Intrusion Detection Using Neural Networks, Intelligent Engineering Systems through Artificial Neural Networks, Proc. Of ANNIE-2002, vol. 12, ASME Press, New York, 2002 pp. 579-584.Google Scholar
- C. Manikopoulos, C. and S. Papavassiliou, Network Intrusion and Fault Detection: A Statistical Anomaly Approach, IEEE Communications Magazine, October 2002, pp. 76-82.Google Scholar
- J. P. Planquart, Application of Neural Networks to Intrusion Detection, SANS Institute, July 2001.Google Scholar
- W. Lisheng, X. Zongben, Sufficient and Neural Networks, IEEE Transactions on Circuits and Systems I, Vol. 5, Issue 6, June 2006.Google Scholar
- V. Alarcon-Aquino, J. A. Barria, Anomaly Detection in Communication Networks Using Wavelets, IEE-Proceedings-Communications, Vol.148, No.6; Dec. 2001; p.355-362Google Scholar