Title :
Attack Characterization and Intrusion Detection using an Ensemble of Self-Organizing Maps
Author :
DeLooze, Lori L.
Author_Institution :
Member, IEEE
Abstract :
Self-organized maps (SOM) use an unsupervised learning technique to independently organize a set of input patterns into various classes. In this paper, we use an ensemble of SOMs to identify computer attacks and characterize them appropriately using the major classes of computer attacks (denial of service, probe, user-to-root and remote-to-local). The procedure produces a set of confidence levels for each connection as a way to describe the connection´s behavior.
Keywords :
security of data; self-organising feature maps; unsupervised learning; attack characterization; denial of service attack; intrusion detection; probe attack; remote-to-local attack; self-organizing maps; unsupervised learning technique; user-to-root attack; Computer crime; Computer science; Computerized monitoring; Data security; Databases; Intrusion detection; Probes; Self organizing feature maps; Telecommunication traffic; Unsupervised learning;
Conference_Titel :
Neural Networks, 2006. IJCNN '06. International Joint Conference on
Conference_Location :
Vancouver, BC
Print_ISBN :
0-7803-9490-9
DOI :
10.1109/IJCNN.2006.246983
