Intrusion Detection System Using Back Propagation Algorithm and Compare its Performance with Self Organizing Map

In recent years, internet and computers have been utilized by many people all over the world in several fields. On the other hand, network intrusion and information safety problems are ramifications of using internet. In this thesis it propose a new learning methodology towards developing a novel intrusion detection system (IDS) by back propagation neural networks (BPN) and self organizing map (SOM) and compare the performance between them. The main function of Intrusion Detection System is to protect the resources from threats. It analyzes and predicts the behaviors of users, and then these behaviors will be considered an attack or a normal behavior. The proposed method can significantly reduce the training time required. Additionally, the training results are good. It provides a powerful tool to help supervisors and unsupervisors analyze, model and understand the complex attack behavior of electronic crime.Journal of Advanced College of Engineering and Management, Vol. 1, 2015, pp. 127-138

Download Full-text

Distributed intrusion detection system using self organizing map

2012 IEEE 16th International Conference on Intelligent Engineering Systems (INES) ◽

10.1109/ines.2012.6249817 ◽

2012 ◽

Cited By ~ 4

Author(s):

L. Vokorokos ◽

A. Balaz ◽

J. Trelova

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Self Organizing Map ◽

Distributed Intrusion Detection ◽

Distributed Intrusion Detection System ◽

Self Organizing

Download Full-text

An intrusion detection system model based on self-organizing map

Fifth World Congress on Intelligent Control and Automation (IEEE Cat. No.04EX788) ◽

10.1109/wcica.2004.1342338 ◽

2004 ◽

Author(s):

Jianhong Gao ◽

Lixin Xu ◽

Yaping Dai

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

System Model ◽

Self Organizing Map ◽

Model Based ◽

Self Organizing

Download Full-text

Proposed Network Intrusion Detection System ‎In Cloud Environment Based on Back ‎Propagation Neural Network

Journal of University of Babylon for Pure and Applied Sciences ◽

10.29196/jub.v26i1.351 ◽

2017 ◽

Vol 26 (1) ◽

pp. 29-40 ◽

Cited By ~ 7

Author(s):

Shawq Malik Mehibs ◽

Soukaena Hassan Hashim

Keyword(s):

Neural Network ◽

Cloud Computing ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Back Propagation ◽

Network Intrusion Detection ◽

Cloud Environment ◽

High Detection Rate ◽

Network Intrusion

Cloud computing is distributed architecture, providing computing facilities and storage resource as a service over the internet. This low-cost service fulfills the basic requirements of users. Because of the open nature and services introduced by cloud computing intruders impersonate legitimate users and misuse cloud resource and services. To detect intruders and suspicious activities in and around the cloud computing environment, intrusion detection system used to discover the illegitimate users and suspicious action by monitors different user activities on the network .this work proposed based back propagation artificial neural network to construct t network intrusion detection in the cloud environment. The proposed module evaluated with kdd99 dataset the experimental results shows promising approach to detect attack with high detection rate and low false alarm rate

Download Full-text

A Self Organizing Map Intrusion Detection System for RPL Protocol Attacks

International Journal of Interdisciplinary Telecommunications and Networking ◽

10.4018/ijitn.2019010103 ◽

2019 ◽

Vol 11 (1) ◽

pp. 30-43 ◽

Cited By ~ 2

Author(s):

Elie Kfoury ◽

Julien Saab ◽

Paul Younes ◽

Roger Achkar

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Early Stage ◽

Sensor Data ◽

Self Organizing Map ◽

Lossy Networks ◽

Mesh Topology ◽

Som Neural Network ◽

Self Organizing

Routing over low power and lossy networks (RPL) is a standardized routing protocol for constrained Wireless Sensor Network (WSN) environments. The main node's constraints include processing capability, power, memory, and energy. RPL protocol describes how WSN nodes create a mesh topology, enabling them to route sensor data. Unfortunately, various attacks exist on the RPL protocol that can disrupt the topology and consume nodes' energy. In this article, the authors propose an intrusion detection system (IDS) based on self-organizing map (SOM) neural network to cluster the WSN routing attacks, and hence notify the system administrator at an early stage, reducing the risk of interrupting the network and consuming nodes' power. Results showed that the proposed SOM architecture is able to cluster routing packets into three different types of attacks, as well as clean data.

Download Full-text

An Efficient Intrusion Detection Method Based on LightGBM and Autoencoder

Symmetry ◽

10.3390/sym12091458 ◽

2020 ◽

Vol 12 (9) ◽

pp. 1458

Author(s):

Chaofei Tang ◽

Nurbol Luktarhan ◽

Yuxin Zhao

Keyword(s):

Machine Learning ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Reconstruction Error ◽

Machine Learning Algorithms ◽

Network Intrusion Detection ◽

Attack Behavior ◽

Network Intrusion ◽

Normal Behavior

Due to the insidious characteristics of network intrusion behaviors, developing an efficient intrusion detection system is still a big challenge, especially in the era of big data where the number of traffic and the dimension of each traffic feature are high. Because of the shortcomings of traditional common machine learning algorithms in network intrusion detection, such as insufficient accuracy, a network intrusion detection system based on LightGBM and autoencoder (AE) is proposed. The LightGBM-AE model proposed in this paper includes three steps: data preprocessing, feature selection, and classification. The LightGBM-AE model adopts the LightGBM algorithm for feature selection, and then uses an autoencoder for training and detection. When a set of data containing network intrusion behaviors are inputted into an autoencoder, there is a large reconstruction error between the original input data and the reconstructed data obtained by the autoencoder, which provides a basis for intrusion detection. According to the reconstruction error, an appropriate threshold is set to distinguish symmetrically between normal behavior and attack behavior. The experiment is carried out on the NSL-KDD dataset and implemented using Pytorch. In addition to autoencoder, variational autoencoder (VAE) and denoising autoencoder (DAE) are also used for intrusion detection and are compared with existing machine learning algorithms such as Decision Tree, Random Forest, KNN, GBDT, and XGBoost. The evaluation is carried out through classification evaluation indexes such as accuracy, precision, recall, F1-score. The experimental results show that the method can efficiently separate the attack behavior from normal behavior according to the reconstruction error. Compared with other methods, the effectiveness and superiority of this method are verified.

Download Full-text