Title :
On the capability of an SOM based intrusion detection system
Author :
Kayacik, H. Güneş ; Zincir-Heywood, A. Nur ; Heywood, Malcolm I.
Author_Institution :
Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS, Canada
Abstract :
An approach to network intrusion detection is investigated, based purely on a hierarchy of Self-Organizing Feature Maps. Our principal interest is to establish just how far such an approach can be taken in practice. To do so, the KDD benchmark dataset from the International Knowledge Discovery and Data Mining Tools Competition is employed. This supplies a connection-based description of a factitious computer network in which each connection is described in terms of 41 features. Unlike previous approaches, only 6 of the most basic features are employed. The resulting system is capable of detection (false positive) rates of 89% (4.6%), where this is at least as good as the alternative data-mining approaches that require all 41 features.
Keywords :
data mining; learning (artificial intelligence); security of data; self-organising feature maps; unsupervised learning; KDD benchmark dataset; SOM; computer network; data mining tools competition; international knowledge discovery; intrusion detection system; self-organizing feature maps; unsupervised learning; Computer networks; Computer science; Computer vision; Data mining; Internet; Intrusion detection; Knowledge based systems; Monitoring; Neurons; Testing;
Conference_Title :
Neural Networks, 2003. Proceedings of the International Joint Conference on
Print_ISBN :
0-7803-7898-9
DOI :
10.1109/IJCNN.2003.1223682