Anormaly Intrusion Detection Based on SOM

Author

Li Min ; Dongliang, Wang

Author_Institution

Network Center, Beijing Univ. of Civil Eng. & Archit., Beijing, China

Volume

1

fYear

2009

fDate

10-11 July 2009

Firstpage

40

Lastpage

43

Abstract

In this paper, we first introduce the principle of SOM algorithm, and then study the real-time intrusion detection system, finding it is not very good in the real-time intrusion detection system. Regarding this problem, this paper presents a real-time intrusion detection model based on SOM algorithm, and takes the system call process as studying object to illustrate the performance of this model. Finally, we compared the detection ability of SOM algorithm with other intrusion detection models by simulation experiment, and the experiment shows that intrusion detection of anomalous based SOM not only meets requirements, but also has a strong nature of real-time, and the nature of real-time of the anomaly intrusion detection model based on SOM is 100 times higher than that of the Forrest and Leepsilas method.

Keywords

hidden Markov models; security of data; self-organising feature maps; Forrest method; Lee method; SOM algorithm; anomaly intrusion detection model; hidden Markov model; neural network algorithm; real-time intrusion detection model; self-organizing map algorithm; Biological neural networks; Civil engineering; Computer networks; Computer security; Data security; Intrusion detection; Network topology; Neural networks; Neurons; Real time systems; SOM; algorithm; intrusion detection; real-time;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Engineering, 2009. ICIE '09. WASE International Conference on

Conference_Location

Taiyuan, Shanxi

Print_ISBN

978-0-7695-3679-8

Type

conf

DOI

10.1109/ICIE.2009.240

Filename

5211153