A Frame of Intrusion Detection Learning System Utilizing Radial Basis Function

Full Text (PDF, 131KB), PP.19-25

Views: 0 Downloads: 0

Author(s)

S.Selvakani Kandeeban 1,* R.S.Rajesh 1

1. Department of Computer Applications, Francis Xavier Engineering College, Tirunelveli, Tamilnadu, India

* Corresponding author.

DOI: https://doi.org/10.5815/ijmecs.2012.01.03

Received: 5 Sep. 2011 / Revised: 12 Oct. 2011 / Accepted: 5 Dec. 2011 / Published: 8 Jan. 2012

Index Terms

Genetic algorithm, Intrusion Detection, KDD 99 Data Set, Radial Basis Function neural Network.

Abstract

The process of monitoring the events that occur in a computer system or network and analyzing them for signs of intrusion is known as Intrusion Detection System (IDS). Detection ability of most of the IDS are limited to known attack patterns; hence new signatures for novel attacks can be troublesome, time consuming and has high false alarm rate. To achieve this, system was trained and tested with known and unknown patterns with the help of Radial Basis Functions (RBF). KDD 99 IDE (Knowledge Discovery in Databases Intrusion Detection Evaluation) data set was used for training and testing. The IDS is supposed to distinguish normal traffic from intrusions and to classify them into four classes: DoS, probe, R2L and U2R. The dataset is quite unbalanced, with 79% of the traffic belonging to the DoS category, 19% is normal traffic and less than 2% constitute the other three categories. The usefulness of the data set used for experimental evaluation has been demonstrated. The different metrics available for the evaluation of IDS were also introduced. Experimental evaluations were shown that the proposed methods were having the capacity of detecting a significant percentage of rate and new attacks.

Cite This Paper

S.Selvakani Kandeeban, R.S.Rajesh, "A Frame of Intrusion Detection Learning System Utilizing Radial Basis Function", International Journal of Modern Education and Computer Science (IJMECS), vol.4, no.1, pp.19-25, 2012. DOI:10.5815/ijmecs.2012.01.03

Reference

[1]Agarwal, R. and M. Joshi. “PNrule: A New Framework for Learning Classifier Models in Data Mining”. Technical Report TR 00-015, Department of Computer Science, University of Minnesota 2000.
[2]Aussem, A., et al.. “Queueing Network Modelling with Distributed Neural Networks for Service Quality Estimation in B-ISDN Networks”. Proceedings IEEE-INNS-ENNS International Joint Conference on Neural Networks, Como, Italy 2000.
[3]Bernhard Pfahringer, “Winning the KDD99 Classification Cup: Bagged Boosting”, ACM SIGKDD Explorations Newsletter, Volume 1, Issue 2, p. 65-66 January 2000.
[4]Cannady, J.. “Artificial Neural Networks for Misuse Detection”. National Information Systems Security Conference on Neural Networks, Como, Italy 1998.
[5]Cannady, J. and J. Mahaffey. “The application of artificial intelligence to misuse detection”. Proceedings of the 1st Recent Advances in Intrusion Detection (RAID) Conference 1997.
[6]Computer Security and Intrusion Detection, http://www.acm.org/crossroads/xrds11-1/csid.html
[7]Cunningham, R. and R. Lippmann. "Improving Intrusion Detection performance using Keyword selection and Neural Networks." Computer Networks 34(4): 597—603 2000.
[8]Cunningham, R. and R. Lippmann. "Detecting Computer Attackers: recognizing patterns of malicious stealthy behavior." MIT Lincoln Laboratory - Presentation to CERIAS 2000.
[9]Ertoz, L., et al.. “Finding Clusters of Different Sizes, Shapes, and Densities in Noisy, High Dimensional Data”. Technical Report, University of Toledo 2001.
[10]Fox, K., et al.. “A Neural Network Approach Towards Intrusion Detection”. Proceedings of the 13th National Computer Security Conference, Washington, D.C. 1990.
[11]Girardin, L. and D. Brodbeck. “A Visual Approach for Monitoring Logs”. 12th System Administration Conference (LISA ’98), Berkeley, CA. 1998.
[12]Kayacik, G., et al.. “On the Capability of an SOM based Intrusion Detection System”. Proceedings of the International Joint Conference on Neural Networks, 2003.
[13]KDD Cup 1999 Task Description, Available: http://kdd.ics.uci.edu/databases/kddcup99/task.html
[14]Levin, I., "KDD-99 Classifier Learning Contest LLSoft's Results Overview." SIGKDD Explorations vol. 1, 2000.
[15]Planquart, J., “Application of Neural Networks to Intrusion Detection” . SANS Institute, Available at: http://www.sans.org/reading_room/whitepapers/detection/336.php?, 2001.
[16]Rhodes, B., et al., “Multiple Self-Organizing Maps for Intrusion Detection”. National Security Systems Security Conference, Baltimore, MD. 2000.
[17]Sabhnani, M. and G. Serpen,. “Application of Machine Learning Algorithms to KDD Intrusion Detection Dataset within Misuse Detection Context”. Proceedings of the International Conference on Machine Learning, Models, Technologies and Applications (MLMTA 2003), Las Vegas, NV. 2003.
[18]Selvakani.S, Rajesh.R.S, “Improving ID performance using GA and NN”, International Journal of Computer Aided Engineering and Technology, Vol.13, N0.1/2/3, Sep 2008.
[19]Yeung, D. Y. and C. Chow, “Parzen-window Network Intrusion Detectors”. Sixteenth International Conference on Pattern Recognition, Quebec City, Canada, 2002.
[20]Ypma, A. and R. Duin, “Novelty Detection using Self-Organizing Maps”. Progress in Connectionist- Based Information Systems, Springer. 1998.