Title :
Intrusion detection through artificial neural networks
Author :
De Lima, Igor Vinicius Mussoi ; Degaspari, J.A. ; Sobral, João Bosco Mangueira
Author_Institution :
Comput. Sci. Program, Fed. Univ. of Santa Catarina, Florianopolis
Abstract :
The main problem with rule-based intrusion detection systems is the update discrepancy in their knowledge base, in relation the continuous differentiated forms of intrusion. Those IDSs basically work based on the misuse detection method, which monitors network and computers for known attack patterns. This article shows the build of a prototype for a network intrusion detection system, that uses an artificial neural network as a detection mechanism. In the network training and learning phases, which are an adaptive process, the knowledge base of IDS Snort was applied. The built IDSs allow the detection of an acceptable proportion of variants of intrusion, beyond the already known intrusion forms. This last characteristic presents expressive advantages comparing to intrusion detection systems purely based on rules, because it dismisses the use of an extensive knowledge base and solves the false negative and false positive problems, through the fine adjustment of weights, given by the variation of the acceptation rate in the network output, when the network is trained.
Keywords :
computer networks; knowledge based systems; learning (artificial intelligence); neural nets; security of data; telecommunication security; IDS Snort; adaptive process; artificial neural network; intrusion detection; knowledge base; learning phase; network training; Artificial neural networks; Computer displays; Computer networks; Computer science; Intrusion detection; Monitoring; Neural networks; Packaging; Protection; Prototypes;
Conference_Titel :
Network Operations and Management Symposium, 2008. NOMS 2008. IEEE
Conference_Location :
Salvador, Bahia
Print_ISBN :
978-1-4244-2065-0
Electronic_ISBN :
1542-1201
DOI :
10.1109/NOMS.2008.4575234
