Investigation of Fuzzy Adaptive Resonance Theory in Network Anomaly Intrusion Detection

  • Nawa Ngamwitthayanon
  • Naruemon Wattanapongsakorn
  • David W. Coit
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5552)


The effectiveness of Fuzzy-Adaptive Resonance Theory (Fuzzy-ART or F-ART) is investigated for a Network Anomaly Intrusion Detection (NAID) application. F-ART is able to group similar data instances into clusters. Furthermore, F-ART is an online clustering algorithm that can learn and update its knowledge based on the presence of new instances to the existing clusters. We investigate a one shot fast learning option of F-ART on the network anomaly detection based on KDD CUP ’99 evaluation data set and found its effectiveness and robustness to such problems along with the fast response capability that can be applied to provide a real-time detection system.


Network Anomaly Detection Intrusion Detection Fuzzy-Adaptive Resonance Theory Adaptive Learning One Shot Fast Learning 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Patcha, A., Park, J.M.: An Overview of Anomaly Detection Techniques: Existing Solutions and Latest Technological Trends. J. Computer Networks 51, 3448–3470 (2007)CrossRefGoogle Scholar
  2. 2.
    Cachin, C., Dacier, M., Deak, O., Julisch, K., Randell, B., Riordan, J., Tscharner, A., Wespi, A., Wüest, C.: Towards a Taxonomy of Intrusion Detection Systems and Attacks. Technical Report, IBM Research, Zurich (2001)Google Scholar
  3. 3.
    KDD CUP 1999 Data (1999),
  4. 4.
    Chandola, V., Banerjee, A., Kumar, V.: Anomaly Detection: A Survey. Technical Report, Department of Computer Science, University of Minnesota, Minneapolis (2007)Google Scholar
  5. 5.
    Nawa, N., Naruemon, W., Chalermpol, C., David, W.C.: Multi-stage Network-Based Intrusion Detection System using Back Propagation Neural Networks. In: 2008 Asian International Workshop on Advanced Reliability Modeling, Taichung, Taiwan (2008)Google Scholar
  6. 6.
    Xu, R., Wunsch, D.: Survey of Clustering Algorithm. IEEE Trans. on Neural Networks 16, 645–678 (2005)CrossRefGoogle Scholar
  7. 7.
    Carpenter, G.A., Grossberg, S., Rosen, D.B.: Fuzzy ART: Fast Learning and Categorization of Analog Patterns by an Adaptive Resonance System. J. Neural Networks 4, 759–771 (1991)CrossRefGoogle Scholar
  8. 8.
    Liao, Y., Vemuri, V.R., Pasos, A.: Adaptive Anomaly Detection with Evolving Connectionist Systems. J. Network and Computer Applications 30, 60–80 (2007)CrossRefGoogle Scholar
  9. 9.
    Ismail, A.S.b.H., Abdullah, A.H., Bak, K.b.A., Ngadi, M.A.b., Dahlan, D., Chimphlee, W.: A Novel Method for Unsupervised Anomaly Detection using Unlabeled Data. In: International Conference on Computational Sciences and Its Applications, Perugia, Italy, pp. 252–260 (2008)Google Scholar
  10. 10.
    Das, Z.L., Zhou, A.J.: Theoretical Basis for Intrusion Detection. In: Information Assurance Workshop, pp. 184–192. IEEE Press, New York (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Nawa Ngamwitthayanon
    • 1
  • Naruemon Wattanapongsakorn
    • 1
  • David W. Coit
    • 2
  1. 1.Department of Computer EngineeringKing Mongkut’s University of Technology ThonburiBangkokThailand
  2. 2.Department of Industrial and Systems EngineeringRutgers UniversityPiscatawayUSA

Personalised recommendations