Evaluating Performance of an Anomaly Detection Module with Artificial Neural Network Implementation
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 33104
Evaluating Performance of an Anomaly Detection Module with Artificial Neural Network Implementation

Authors: Edward Guillén, Jhordany Rodriguez, Rafael Páez

Abstract:

Anomaly detection techniques have been focused on two main components: data extraction and selection and the second one is the analysis performed over the obtained data. The goal of this paper is to analyze the influence that each of these components has over the system performance by evaluating detection over network scenarios with different setups. The independent variables are as follows: the number of system inputs, the way the inputs are codified and the complexity of the analysis techniques. For the analysis, some approaches of artificial neural networks are implemented with different number of layers. The obtained results show the influence that each of these variables has in the system performance.

Keywords: Network Intrusion Detection, Machine learning, Artificial Neural Network.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1089431

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2078

References:


[1] Hernández-Pereira, E.; Suárez-Romero, J.; Fontenla-Romero, O. & Alonso-Betanzos, A. Conversion methods for symbolic features: A comparison applied to an intrusion detection problem Expert Systems with Applications, 2009, 36, 10612 - 10617
[2] Edward Guillen, Yudy Alexandra Colorado, Daniel Padilla. Weaknesses and Strenghts Analysis over Network-based Intrusion Detection and Prevention Systems. 2009. LATINCOM ’09. IEEE Latin-American conference on. 1-5
[3] Artan, N.S. and Ghosh, R. and Yanchuan Guo and Chao, H.J. A 10-Gbps High-Speed Single-Chip Network Intrusion Detection and Prevention System. Global Telecommunications Conference, 2007. GLOBECOM '07. IEEE pages 343-348,
[4] Cheng Xu and Fei Yu and Zhenghui Dai and Guangxue Yue and Renfa Li. Data Distribution Algorithm of High-Speed Intrusion Detection system Based on Network Processor. Semantics, Knowledge and Grid, 2006. SKG '06. Second International Conference on.
[5] Haines J, Lippmann R, Fried D.J, Zissman M, Tran E, Boswell S. 1999 DARPA intrusion detection evaluation: Design and procedures. Technical report 1062. Massachusetts institute of Technology. Lincoln Laboratory.
[6] Ali Shiravi Hadi Shiravi, M. T. A. A. G. towards Developing a Systematic Approach To Generate Benchmark Datasets for Intrusion Detection 2011, 357-374.
[7] Guillen Edward, Rodríguez Jhordany and Paez Rafael. Improving Network Intrusion Detection with Extended KDD. IAENG Transactions on Engineering Technologies. 2013
[8] Edward Guillen, Jhordany Rodríguez, R. P. A. R. Detection of Non-Content Based Attacks Using GA with Extended KDD Features World Congress in Engineering and Computer Science, 2012.
[9] Vasudevan, A.; Harshini, E. & Selvakumar, S. SSENet-2011: A Network Intrusion Detection System dataset and its comparison with KDD CUP 99 dataset Internet (AH-ICI), 2011 Second Asian Himalayas International Conference on, 2011, 1 -5
[10] Shun, J. & Malki, H. Network Intrusion Detection System Using Neural Networks Natural Computation, 2008. ICNC '08. Fourth International Conference on, 2008, 5, 242 -246
[11] Lawrence Berkeley National Laboratory and ICSI, . LBNL/ICSI Enterprise Tracing Project. www.icir.org/enterprise-tracing/
[12] CAIDA, 2011. The Cooperative Association for Internet Data Analysis. http://www.caida.org/
[13] RTI International, 2011. PREDICT:Protected Repository for the Defense of Infrastructure Against Cyber Threats. http://www.predict.org/
[14] The Shmoo Group, 2011. Defcon. http://cctf.shmoo.com/
[15] Information science institute, University of southern California. RFC 793: Transmission control protocol. September 1981.
[16] Marpaung, J.; Sain, M. & Lee, H.-J. Survey on malware evasion techniques: State of the art and challenges Advanced Communication Technology (ICACT), 2012 14th International Conference on, 2012, 744 -749
[17] Nmap Port Scanning Techniques:Nmap Reference Guide 2012. http://nmap.org/book/man-port-scanning-techniques.html
[18] Nessus Vulnerability Scanner documentation
[19] Gu Guofei; Perdisci Roberto; Zhangh Junjie; Lee Wenke; BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure- Independent Botnet Detection. Georgia Institute of Technology, Damballa Inc Atlanta. May 2008.
[20] Sabhnani, M. & Serpen, G. Why Machine Learning Algorithms Fail in Misuse Detection on KDD Intrusion Detection Data Set The University of Toledo, October 2003
[21] H. Güneş Kayacık, A. Nur Zincir-Heywood, M. I. H. Selecting Features for Intrusion Detection: A Feature Relevance Analysis on KDD 99 Intrusion Detection Datasets Dalhousie University, Faculty of Computer Science.
[22] El-Khatib, K. Impact of Feature Reduction on the Efficiency of Wireless Intrusion Detection Systems Parallel and Distributed Systems, IEEE Transactions on, 2010, 21, 1143 -1149
[23] Dozier, G.; Brown, D.; Hurley, J. & Cain, K. Vulnerability analysis of AIS-based intrusion detection systems via genetic and particle swarm red teams. Evolutionary Computation, 2004. CEC2004. Congress on, 2004, 1, 111 - 116 Vol.1
[24] Forrest, S.; Perelson, A.S.; Allen, L.; Cherukuri, R. Self-nonself discrimination in a computer Research in Security and Privacy, 1994. Proceedings. 1994 doi: 10.1109/RISP.1994.296580. IEEE Computer Society Symposium on , vol.no., pp.202-212, 16-18 May 1994, 1994, pp.202-212, 202-212
[25] Kim, D. S.; Nguyen, H.-N. & Park, J. S. Genetic algorithm to improve SVM based network intrusion detection system Advanced Information Networking and Applications, 2005. AINA 2005. 19th International Conference on, 2005, 2, 155 - 158 vol.2
[26] Devaraju, S.; Ramakrishnan, S., "Performance analysis of intrusion detection system using various neural network classifiers," Recent Trends in Information Technology (ICRTIT), 2011 International Conference on , vol., no., pp.1033,1038, 3-5 June 2011.
[27] Shlens Jonathon. A tutorial on Principal Component Analysis. Center for neural Science, New York University. April 2009.
[28] Jeff Heaton. Introduction to Neural Networks for C#, 2 edition. Heaton Research, October 2008. ISBN: 1604390093
[29] Marvin Minsky and Seymour Papert, 1972 (2nd edition with corrections, first edition 1969) Perceptrons: An Introduction to Computational Geometry, The MIT Press, Cambridge MA, ISBN 0-262-63022-2.
[30] Werbos, P.J. (1975). Beyond Regression: New Tools for Prediction and Analysis in the Behavioral Sciences. Ph.D Thesis Cambridge MA Hardvard University
[31] D.O Hebb. The organization of behavior. New York. Wiley, 1949. Introduction and chapter 4 "The first stage of perception; grow of the assembly”.