A Neural Model in Intrusion Detection Systems

  • Otávio A. S. Carpinteiro
  • Roberto S. Netto
  • Isaías Lima
  • Antonio C. Zambroni de Souza
  • Edmilson M. Moreira
  • Carlos A. M. Pinheiro
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4132)


The paper proposes the use of the multilayer perceptron model to the problem of detecting attack patterns in computer networks. The multilayer perceptron is trained and assessed on patterns extracted from the files of the Third International Knowledge Discovery and Data Mining Tools Competition. It is required to classify novel normal patterns and novel categories of attack patterns. The results are presented and evaluated in the paper.


Intrusion Detection Normal Pattern Intrusion Detection System Multilayer Perceptron Hide Unit 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bishop, C.M.: Neural Networks for Pattern Recognition. Oxford University Press, Oxford (1995)Google Scholar
  2. 2.
    Haykin, S.: Neural Networks: A Comprehensive Foundation, 2nd edn. Prentice-Hall, Inc., Englewood Cliffs (1999)MATHGoogle Scholar
  3. 3.
    Debar, H., Dacier, M., Wespi, A.: Towards a taxonomy of intrusion-detection systems. Computer Networks 31, 805–822 (1999)CrossRefGoogle Scholar
  4. 4.
    Biermann, E., Cloete, E., Venter, L.M.: A comparison of intrusion detection systems. Computers & Security 20, 676–683 (2001)CrossRefGoogle Scholar
  5. 5.
    Bai, Y., Kobayashi, H.: Intrusion detection systems: technology and development. In: Proceedings of the 17th International Conference on Advanced Information Networking and Applications. IEEE, Los Alamitos (2003)Google Scholar
  6. 6.
    Durst, R., Champion, T., Witten, B., Miller, E., Spagnuolo, L.: Testing and evaluating computer intrusion detection systems. Communications of the ACM 42, 53–61 (1999)CrossRefGoogle Scholar
  7. 7.
    Lippmann, R., Haines, J.W., Fried, D.J., Korba, J., Das, K.: The 1999 DARPA off-line intrusion detection evaluation. Computer Networks 34, 579–595 (2000)CrossRefGoogle Scholar
  8. 8.
    Champion, T., Denz, M.L.: A benchmark evaluation of network intrusion detection systems. In: Proceedings of the Aerospace Conference. IEEE, Los Alamitos (2001)Google Scholar
  9. 9.
    Lee, S.C., Heinbuch, D.V.: Training a neural-network based intrusion detector to recognize novel attacks. IEEE Transactions on Systems, Man, and Cybernetics —Part A: Systems and Humans 31, 294–299 (2001)CrossRefGoogle Scholar
  10. 10.
    Jiang, J., Zhang, C., Kamel, M.: RBF-Based real-time hierarchical intrusion detection systems. In: Proceedings of the International Joint Conference on Neural Networks. IEEE, Los Alamitos (2003)Google Scholar
  11. 11.
    Joo, D., Hong, T., Han, I.: The neural network models for IDS based on the asymmetric costs of false negative errors and false positive errors. Expert Systems with Applications 25, 69–75 (2003)CrossRefGoogle Scholar
  12. 12.
    Zhang, C., Jiang, J., Kamel, M.: Intrusion detection using hierarchical neural networks. Pattern Recognition Letters 26, 779–791 (2005)CrossRefGoogle Scholar
  13. 13.
    Internet web page: KDD Cup 1999 Data. University of California, Irvine (1999), http://www.ics.uci.edu/~kdd/databases/kddcup99/kddcup99.html
  14. 14.
    Internet web page: KDD Cup 1999 Data. University of California, Irvine (1999), http://www.ics.uci.edu/~kdd/databases/kddcup99/task.html
  15. 15.
    Fahlman, S.E.: An empirical study of learning speed in back-propagation networks. Technical Report CMU-CS-88-162, School of Computer Science—Carnegie Mellon University, Pittsburgh, PA (1988)Google Scholar
  16. 16.
    Rumelhart, D.E., Hinton, G.E., McClelland, J.L.: A general framework for parallel distributed processing. In: Rumelhart, D.E., McClelland, J.L., The PDP Research Group (eds.) Parallel Distributed Processing, vol. 1, pp. 45–76. The MIT Press, Cambridge (1986)Google Scholar
  17. 17.
    Cabrera, J.B.D., Mehra, R.K.: Control and estimation methods in information assurance — a tutorial on intrusion detection systems. In: Proceedings of the 41st Conference on Decision and Control. IEEE, Los Alamitos (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Otávio A. S. Carpinteiro
    • 1
  • Roberto S. Netto
    • 1
  • Isaías Lima
    • 1
  • Antonio C. Zambroni de Souza
    • 1
  • Edmilson M. Moreira
    • 1
  • Carlos A. M. Pinheiro
    • 1
  1. 1.Research Group on Computer Networks and Software EngineeringFederal University of ItajubáItajubáBrazil

Personalised recommendations