Title :
A Behavior Based Approach to Host-Level Intrusion Detection Using Self-Organizing Maps
Author :
Sujatha, P. Kola ; Kannan, A. ; Ragunath, S. ; Bargavi, Sindhu K. ; Githanjali, S.
Author_Institution :
Dept. of Inf. Technol., Anna Univ., Chennai
Abstract :
Neural networks play a vital role in contemporary intrusion detection systems. This paper presents a framework for anomaly based host-level intrusion detection system, using a category of neural networks called self-organizing map (SOM). The proposed work takes a different perspective to intrusion detection by applying data mining techniques to the host-behavior data, to detect intrusions. The behavior of the system is defined in terms of a "behavior set" rather than using a single parameter. This facilitates greater accuracy in describing the behavior of the system and helps in reducing false-positives. The unlabelled data is processed using a SOM, which is trained by an unsupervised learning algorithm namely "simple competitive learning". Unsupervised learning enables the SOM to detect new and novel attacks.
Keywords :
security of data; self-organising feature maps; unsupervised learning; behavior based approach; host-level intrusion detection; intrusion detection systems; neural networks; self-organizing maps; simple competitive learning; unsupervised learning algorithm; Data mining; Data security; Databases; Humans; Information security; Information technology; Intrusion detection; Neural networks; Self organizing feature maps; Unsupervised learning; Behavior-set; Data Mining; Intrusion Detection; Self-organizing Map; Unsupervised Learning;
Conference_Titel :
Emerging Trends in Engineering and Technology, 2008. ICETET '08. First International Conference on
Conference_Location :
Nagpur, Maharashtra
Print_ISBN :
978-0-7695-3267-7
Electronic_ISBN :
978-0-7695-3267-7
DOI :
10.1109/ICETET.2008.190
