Auto-Associative Neural Techniques for Intrusion Detection Systems

Intrusion detection systems (IDS´s) ensure the security of computer networks by monitoring traffic and generating alerts, or taking actions, when suspicious activities are detected. This paper proposes a network-based IDS supporting an intuitive visualization of the time evolution of network traffic. The system is designed to assist the network manager in detecting anomalies, and exploits auto-associative back-propagation (AABP) neural networks to turn raw data extracted from traffic sources into an intuitive 2D representation. The neural component operates as a sort of smart compression operator and supports a compact representation of multi-dimensional data. The empirical verification of the mapping method involved the detection of anomalies in traffic ascribed to the simple network management protocol (SNMP), and confirmed the validity of the proposed approach.