An intrusion detection system model based on self-organizing map

Jianhong Gao; Lixin Xu; Yaping Dai

An intrusion detection system model based on self-organizing map

Jianhong Gao^*, Lixin Xu, Yaping Dai

^*Corresponding author for this work

Beijing Institute of Technology

Research output: Contribution to conference › Paper › peer-review

5 Citations (Scopus)

Abstract

Self-Organizing Map (SOM) neural network and pattern recognition methods were applied in this system. A two-layered SOM network was designed, containing SOM1 and SOM2. SOM1 was designed to distinguish attack patterns from normal ones, and SOM2 was designed to point out the specific type of attack patterns. The KDD benchmark dataset from the International Knowledge Discovery and Data Mining Tools Competition was employed for training and testing our prototype, and divergences were calculated for feature selection. Finally, 4 chief features were employed as input of the two SOMs. From our experimental results with different network data, our scheme archives more than 98 percent detection rate and less than 2 percent false alarm rate, it can provide a precise and efficient way for implementing the classifier in intrusion detection.

Original language	English
Pages	4367-4369
Number of pages	3
Publication status	Published - 2004
Event	WCICA 2004 - Fifth World Congress on Intelligent Control and Automation, Conference Proceedings - Hangzhou, China Duration: 15 Jun 2004 → 19 Jun 2004

Conference

Conference	WCICA 2004 - Fifth World Congress on Intelligent Control and Automation, Conference Proceedings
Country/Territory	China
City	Hangzhou
Period	15/06/04 → 19/06/04

Keywords

Classifier for intrusion detection
Intrusion detection
Self-Organizing Map

Cite this

Gao, J., Xu, L., & Dai, Y. (2004). An intrusion detection system model based on self-organizing map. 4367-4369. Paper presented at WCICA 2004 - Fifth World Congress on Intelligent Control and Automation, Conference Proceedings, Hangzhou, China.

@conference{f2ef5d31e142452ba9c563369aa3c8b9,

title = "An intrusion detection system model based on self-organizing map",

abstract = "Self-Organizing Map (SOM) neural network and pattern recognition methods were applied in this system. A two-layered SOM network was designed, containing SOM1 and SOM2. SOM1 was designed to distinguish attack patterns from normal ones, and SOM2 was designed to point out the specific type of attack patterns. The KDD benchmark dataset from the International Knowledge Discovery and Data Mining Tools Competition was employed for training and testing our prototype, and divergences were calculated for feature selection. Finally, 4 chief features were employed as input of the two SOMs. From our experimental results with different network data, our scheme archives more than 98 percent detection rate and less than 2 percent false alarm rate, it can provide a precise and efficient way for implementing the classifier in intrusion detection.",

keywords = "Classifier for intrusion detection, Intrusion detection, Self-Organizing Map",

author = "Jianhong Gao and Lixin Xu and Yaping Dai",

year = "2004",

language = "English",

pages = "4367--4369",

note = "WCICA 2004 - Fifth World Congress on Intelligent Control and Automation, Conference Proceedings ; Conference date: 15-06-2004 Through 19-06-2004",

}

TY - CONF

T1 - An intrusion detection system model based on self-organizing map

AU - Gao, Jianhong

AU - Xu, Lixin

AU - Dai, Yaping

PY - 2004

Y1 - 2004

N2 - Self-Organizing Map (SOM) neural network and pattern recognition methods were applied in this system. A two-layered SOM network was designed, containing SOM1 and SOM2. SOM1 was designed to distinguish attack patterns from normal ones, and SOM2 was designed to point out the specific type of attack patterns. The KDD benchmark dataset from the International Knowledge Discovery and Data Mining Tools Competition was employed for training and testing our prototype, and divergences were calculated for feature selection. Finally, 4 chief features were employed as input of the two SOMs. From our experimental results with different network data, our scheme archives more than 98 percent detection rate and less than 2 percent false alarm rate, it can provide a precise and efficient way for implementing the classifier in intrusion detection.

AB - Self-Organizing Map (SOM) neural network and pattern recognition methods were applied in this system. A two-layered SOM network was designed, containing SOM1 and SOM2. SOM1 was designed to distinguish attack patterns from normal ones, and SOM2 was designed to point out the specific type of attack patterns. The KDD benchmark dataset from the International Knowledge Discovery and Data Mining Tools Competition was employed for training and testing our prototype, and divergences were calculated for feature selection. Finally, 4 chief features were employed as input of the two SOMs. From our experimental results with different network data, our scheme archives more than 98 percent detection rate and less than 2 percent false alarm rate, it can provide a precise and efficient way for implementing the classifier in intrusion detection.

KW - Classifier for intrusion detection

KW - Intrusion detection

KW - Self-Organizing Map

UR - http://www.scopus.com/inward/record.url?scp=4444268946&partnerID=8YFLogxK

M3 - Paper

AN - SCOPUS:4444268946

SP - 4367

EP - 4369

T2 - WCICA 2004 - Fifth World Congress on Intelligent Control and Automation, Conference Proceedings

Y2 - 15 June 2004 through 19 June 2004

ER -

An intrusion detection system model based on self-organizing map

Abstract

Conference

Keywords

Other files and links

Fingerprint

Cite this