A Network Based Intrusion Detection Model Using Neural Network
Ismail Taha2003, International Conference on Aerospace Sciences and Aviation Technology
Sign up for access to the world's latest research
checkGet notified about relevant papers
checkSave papers to use in your research
checkJoin the discussion with peers
checkTrack your impact
Abstract
Intrusion detection systems (IDS) have become an essential issue for computer networks security since each one is vulnerable for violation. This paper presents a neural network based implementation of an intrusion detection system to detect network based attacks. The key idea is to extract the most useful set of features from the packets traversing through the network and utilize them to describe users behavior. These selected features will be used an input features to train a designed neural network architecture to build a classifier that can recognize anomalies and known intrusions. Using a benchmark data set from a KDD (Knowledge Discovery and Data Mining), the designed system was able to correctly detect 99.8% of unusual network activity with a maximum of 5.4% false alarms. In addition, the system was 98.6% accurate in detecting different intrusion types.
Related papers
Intrusion Detection System Base on Neural Network
Arab Academy for Science and Technology and Mritime Transport (ACIT’2007: Nov 26th-28th, Syria), 2007
An anomaly based intrusion detection systems needs to be able to learn user's or system's behavior because users and systems behavior changes over time in today's dynamic environment. In this research experimenting with user's behavior will used as parameters in anomaly intrusion detection. The proposed intrusion detection system is uses a back propagation neural network to learn user's behavior. The neural network will check if it able to classify normal behavior correctly, and detect known and unknown attacks without using a huge amount of training data. The experiments were separated into three parts. The first preliminary experiment was conducted to see when the neural network was properly trained to classify sessions correctly. In this experiment, both known and unknown attacks were used. The next experiment was conducted to test the neural network with a small traffic, known and unknown attacks. Unknown attacks are the most threatening attacks, because these attacks are not known or not expected. In the final experiment, the classification rate was 82% on known attacks.
A Neural Network Based Anomaly Intrusion Detection System
Proceedings of the 2011 Developments in E Systems Engineering, 2011
Security system is the immune system for computers which is similar to the immune system in the human body. This includes all operations required to protect computer and systems from intruders. The aim of this work is to develop an anomalybased intrusion detection system (IDS) that can promptly detect and classify various attacks. Anomaly-based IDSs need to be able to learn the dynamically changing behavior of users or systems. In this paper, we are experimenting with packet behavior as parameters in anomaly intrusion detection. There are several methods to assist IDSs to learn system's behavior. The proposed IDS uses a back propagation artificial neural network (ANN) to learn system's behavior. We have used the KDD'99 data set in our experiments and the obtained results satisfy the work objective.
Intrusion Detection using Artificial Neural Network
Intrusion Detection is the task of detecting, preventing and possibly reacting to the attack and intrusions in a network based computer systems. In the literature several machine-learning paradigms have been proposed for developing an Intrusion Detection System. This paper proposes an Artificial Neural Network approach for Intrusion Detection. A Feed Forward Neural Network trained by Back Propagation algorithm is developed to classify the intrusions using a profile data set (ten percent of the KDD Cup 99 Data) with the information related to the computer network during Normal behavior and during Intrusive (Abnormal) behavior. Test result shows that the proposed approach works well in detecting different attacks accurately with less false positive and negative rate and it is comparable to those reported in the literature.
Applications of Neural Networks in Network Intrusion Detection
2006 8th Seminar on Neural Network Applications in Electrical Engineering, 2006
A Neural Network Approach for Intrusion Detection Systems
5th Conference in Advances in …, 2010
Intrusion detection systems, alongside firewalls and gateways, represent the first line of defense against computer network attacks. There are various commercial or open source intrusion detection systems in the market; nevertheless they do not perform well in various situations including novel attacks, user activity detection, generating in some cases false positive or negative alerts. The reason behind such performance is probably due to the implementation of merely signature based checks and a high degree of dependence on human interaction. On the other hand, a neural network approach might be the right one to tackle these issues. Neural networks have already been applied successfully to solve many problems related to pattern recognition, data mining, data compression and research is still underway with regards to intrusion detection systems. Unsupervised learning and fast network convergence are some features that can be integrated into an IDS system using neural networks. The networks can be designed to process a variety of data, although there are some constraints regarding input formatting. For this reason, data encoding represents a challenging task in the integration process since it needs to be optimised for the IDS domain. This paper will discuss the integration of IDS and neural networks, including data encoding and performance issues.
Neural Networks For Intrusion Detection And Its Applications
2012
With rapid expansion of computer networks during the past decade, security has become a crucial issue for computer system. Different soft-computing based methods have been proposed in recent years for the development of intrusion detection system. Different neural network structures are analyzed to find the optimal neural network with regards to the number of hidden layers. Misuse detection is the process of attempting to identify instances of network attacks by comparing current activity against the expected actions of an intruder. Most current approaches to misuse detection involve the use of Rule- based expert systems to identify indications of known attacks. These techniques are less successful in identifying attacks which vary from expected patterns. Artificial neural networks provide the potential to identify and classify network activity based on limited, incomplete, and nonlinear data sources.
An adaptive intrusion detection system using neural networks
1998
As the Internet expands both in number of hosts connected and in terms of the number of services provided, security has become a key issue for the technology developers. This work presents and analyses a prototype of an intrusion detection system. This system, positioned at key points of the network, will keep looking at the passing packets, in search of suspicious connections. The system provides a list of such connections for the administrator, enabling him/her to take the proper action at an early stage of the intrusion. Neural Networks are used to look for profiles of intrusion within the analysed data streams. The assessment is done through comparison with well-known profiles of intrusion. The system is highly adaptive, since new profiles can be added to the database and the Neural Network re-trained to consider them.
Artificial Neural Network Model for Intrusion Detection System
Mediterranean Journal of Basic and Applied Sciences, 2022
Artificial Intelligence (AI) breakthroughs in the last few years have accelerated dramatically as a result of the industry's vast technological use. Neural Networks (NN) is one of the most vital areas of AI, as they allow for commercial use of features that were previously not accessible via the use of computers. The Intrusion Detection System (IDS) is one of the areas in which Neural Networks are being extensively investigated to provide comprehensive computer network security and data confidentiality. During the realization of this work Artificial Neural Network (ANN) were used to shape the proposed model using a realistic CICIDS2017 dataset retrieved from the Canadian Institute for Cyber-Security (CIC) website. Following implementation and testing, it was discovered that the new model performs exceptionally well, with an average. In addition, the receiver operator characteristic curve (ROC) has a 9.999 % area under the Receiver Operator Characteristic Curve (AUC). Finally, it...
An overview of neural networks use in anomaly Intrusion Detection Systems
2009
With the increasing number of computers being connected to the Internet, security of an information system has never been more urgent. Because no system can be absolutely secure, the timely and accurate detection of intrusions is necessary. This is the reason of an entire area of research, called Intrusion Detection Systems (IDS). Anomaly systems detect intrusions by searching for an abnormal system activity. But the main problem of anomaly detection IDS is that; it is very difficult to build, because of the difficulty in defining what is normal and what is abnormal. Neural network with its ability of learning has become one of the most promising techniques to solve this problem. This paper presents an overview of neural networks and their use in building anomaly intrusion systems.
Related topics
Related papers
ARTIFICIAL NEURAL NETWORK BASED INTRUSION DETECTION SYSTEM
PROF MUHAMMAD NAFIU , 2024
Network security is becoming an issue of paramount importance in the information technology era. Nowadays with the dramatic growth of communication and computer networks, security has become a critical subject for computer system. Intrusion detection is the art of detecting computer abuse and any attempt to break the networks. Intrusion detection system is an effective security tool that helps to prevent unauthorized access to applications are created and implemented to solve the problem of detecting the attacks in intrusion detection systems. Most methods detect attacks and categorize in two groups, normal or threat. One of the most promising areas of research in the area of Intrusion Detection deals with the applications of the Artificial Intelligence (AI) techniques. This proposed system presents a new approach of intrusion detection system based on artificial neural network. Architecture is used for Intrusion Detection System. The performance and evaluations are performed by using the set of benchmark data from a KDD (Knowledge discovery in Database) dataset. The proposed system detects the attacks and classifies them in six groups.
Neural Network Based Intrusion Detection: State of the Art
SSRN Electronic Journal, 2019
With the advancement in technology and over internet, the number of attacks through unauthorized access has also increased. For fighting these attacks and to ensure the safety of the system, powerful Intrusion Detection System (IDS) is required. IDS's are used for sensing the attack persisting inside the network system. This paper reviews different existing Intrusion Detection Systems using Artificial Neural Networks for detecting malicious network activity as the success of neural networks comes from the fact that they are able to learn a number of behaviours depending on network input. They are very effective and fast in classification and can easily identify new threats. One of the features that uphold neural networks in the field of intrusion detection is its flexibility to adapt to any environment. This work evaluates the parameters that play the major role in enhancing the efficiency and accuracy of IDS.
Detection of intrusion using neural networks: A customized study
2004
Over the last years, computer and software industry has rapidly evolved changing the face of many aspects of the world, but the information system protection did not keep up with the vast change. As a result, information protection is gaining a lot of importance these days. Several physical and logical protection methods are used to protect the Computer systems. Among the physical method is the physical placement of devices, network separation. But due to the international trend in e-Commerce application, network separation is no longer used in protecting the networks. New systems depends on logical security that uses Firewall "Hardware, software", Log auditing. Intrusion detection systems are one of the major corners in logical system security development. These systems aim to monitor and discover attempts for system security penetration and reporti ng these attempts to the systems administrator. Developing intrusion detection systems was mainly concentrated on the expert system development field. This paper will discuss the possible implementation of neural networks in intrusion detection systems development.
Identify Features and Parameters to Devise an Accurate Intrusion Detection System Using Artificial Neural Network
World Academy of Science, Engineering and …, 2010
The aim of this article is to explain how features of attacks could be extracted from the packets. It also explains how vectors could be built and then applied to the input of any analysis stage.
An Intrusion Detection System for Network-Initiated Attacks Using a Hybrid Neural Network
IFIP International Federation for Information Processing, 2006
We present a hybrid system based on a combination of Neural Networks and rule-based matching systems that is capable of detecting network-initiated intrusion attacks on web servers. The system has a strong learning component allowing it to recognize even novel attacks (i.e. attacks it has never seen before) and categorize them as such. The performance of the Neural Network in detecting attacks is very good with success rates of more than 78% in recognizing new attacks. However, because of an alarmingly high false alarm rate that measures more than 90% on normal HTTP traffic carrying image uploads we had to combine the original ANN with a rule-based component that monitors the server's system calls for detecting unusual activity. A final component combines the two systems to make the final decision on whether to raise an intrusion alarm or not. We report on the results we got from our approach and future directions for this research.
Intrusion Detection Using Neural Network: A Literature Review
2017
Nowadays the computer security is important in our society,. Because of the wide use of computer networks and its application, it becomes imperative to detect the network attacks to protect the information security.therefor, anyone using a computer is at some risk of intrusion, even if he is not connected to the Internet or any other network . If the computer is left unattended, any person can attempt to access and misuse the system. The problem is, however, greater if the computer is connected to a network, especially the Internet. Any user from any place in the world can reach the computer remotely and may attempt to access private information. Solving the problem of attack detection using intrusion detection against computer networks is being a major problem in the area of network security. The intrusion detection system meets some challenges, and there are different approaches to deal with these challenges, neural network and machine learning is the best approaches to deal with ...
Network-based intrusion detection using neural networks
2002
ABSTRACT With the growth of computer networking, electronic commerce, and web services, security of networking systems has become very important. Many companies now rely on web services as a major source of revenue. Computer hacking poses significant problems to these companies, as distributed attacks can render their cyber-storefront inoperable for long periods of time. This happens so often, that an entire area of research, called Intrusion Detection, is devoted to detecting this activity.
A neural network component for an intrusion detection system
Research in Security and Privacy …, 1992
In this paper, we present a possible application of neural networks as a component of an intrusion detection system. Neural network algorithms are emerging nowadays as a new arnficial intelligence techm"quethat can be applied to real-l~e problems. We present an approach of user behavior modeling that takes advantage of the properties of neural algorithms and display results obtained on preliminary testing of our approach. 240 0-8186-2S25-1 /92 $3.00@ 1992 IEEE
Improving Intrusion Detection Systems Using Artificial Neural Networks
ADCAIJ: Advances in Distributed Computing and Artificial Intelligence Journal
In this paper, some of the methods used in the intrusion detection system were described using the neural network as a tool in intrusion detection system, which became very necessary in computer systems because it provides protection against attacks by hackers that are becoming increasingly destructive to computer systems.The Backpropagation Neural Network was chosen from among the neural networks due to its ability, speed and intelligence to recognize packet patterns captured from the network, providing the ability to detect intrusion of the system. The speed of the network in giving the diagnosis is one of the most important reasons for choosing the neural network. Therefore, many Attacks features have been analyzed of the standard packets that allow traffic through the network as well as the unusual packets, especially on these protocols (TCP, UDP).The results of these analyzes have been used to learn the neural network on the structure and pattern of standard and unusual packets...
Intrusion Detection: Supervised Machine Learning
Journal of Computing Science …, 2011
Due to the expansion of high-speed Internet access, the need for secure and reliable networks has become more critical. The sophistication of network attacks, as well as their severity, has also increased recently. As such, more and more organizations are becoming vulnerable to attack. The aim of this research is to classify network attacks using neural networks (NN), which leads to a higher detection rate and a lower false alarm rate in a shorter time. This paper focuses on two classification types: a single class (normal, or attack), and a multi class (normal, DoS, PRB, R2L, U2R), where the category of attack is also detected by the NN. Extensive analysis is conducted in order to assess the translation of symbolic data, partitioning of the training data and the complexity of the architecture. This paper investigates two engines; the first engine is the back-propagation neural network intrusion detection system (BPNNIDS) and the second engine is the radial basis function neural network intrusion detection system (BPNNIDS).The two engines proposed in this paper are tested against traditional and other machine learning algorithms using a common dataset: the DARPA 98 KDD99 benchmark dataset from International Knowledge Discovery and Data Mining Tools. BPNNIDS shows a superior response compared to the other techniques reported in literature especially in terms of response time, detection rate and false positive rate.
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.