714 Hits in 4.1 sec

Network Intrusion Detection and Attack Analysis Based on SOFM with Fast Nearest-Neighbor Search

Jun Zheng
2005 Journal of Computer Research and Development  
The design procedure optimizes the performance of AID by jointly accounting for accurate usage profile modeling by SOM codebook and fast vector similarity measure using the fast Nearest-Neighbor search  ...  The Self-Organizing Map (SOM) is used to construct the normal usage profiles of network traffic, and in the training phase and detection phase, the Vector Elimination Nearest-Neighbor Search (VENNS) algorithm  ...  SOM for Anomaly Intrusion Detection In this paper, the Self-Organizing Map (SOM) [10] is chosen as anomaly detection model to learn the normal usage behavior for constructing the usage profile.  ... 
doi:10.1360/crad20050919 fatcat:mreiq2ikyfh33djtqa3z2vosbm

Incorporating soft computing techniques into a probabilistic intrusion detection system

Sung-Bae Cho
2002 IEEE Transactions on Systems Man and Cybernetics Part C (Applications and Reviews)  
Index Terms-Anomaly detection, fuzzy logic, hidden Markov model, intrusion detection system, self-organizing map, soft computing. Sung-Bae Cho (M'98) received the B.  ...  This paper presents a novel intrusion detection system (IDS) that models normal behaviors with hidden Markov models (HMM) and attempts to detect intrusions by noting significant deviations from the models  ...  Misuse detection uses knowledge about attacks, whereas anomaly detection uses normal behaviors.  ... 
doi:10.1109/tsmcc.2002.801356 fatcat:mc62v3zpdbhypcaihnyg2mub2m

An intelligent intrusion detection system (IDS) for anomaly and misuse detection in computer networks

Ozgur Depren, Murat Topallar, Emin Anarim, M. Kemal Ciliz
2005 Expert systems with applications  
The proposed anomaly detection module uses a Self-Organizing Map (SOM) structure to model normal behavior. Deviation from the normal behavior is classified as an attack.  ...  A rulebased Decision Support System (DSS) is also developed for interpreting the results of both anomaly and misuse detection modules.  ...  Each Anomaly Analyzer Module uses the SOM algorithm to build profiles of normal behavior.  ... 
doi:10.1016/j.eswa.2005.05.002 fatcat:myttjhuoubdn3fxxepqaxtglii

Monitoring of complex systems of interacting dynamic systems

Michael E. Cholette, Jianbo Liu, Dragan Djurdjanovic, Kenneth A. Marko
2011 Applied intelligence (Boston)  
This leads to missed detections and costly blind swapping of acceptable components because of one's inability to accurately isolate the source of previously unseen anomalies.  ...  In such machines, faults in one subsystem can cascade and affect the behavior of numerous other subsystems.  ...  If the quantization error is too big, anomaly detection is not invoked.  ... 
doi:10.1007/s10489-011-0313-0 fatcat:rarug5f5yfahlnrw4ya56jmhta

Distributed intrusion detection system using self organizing map

L. Vokorokos, A. Balaz, J. Trelova
2012 2012 IEEE 16th International Conference on Intelligent Engineering Systems (INES)  
The article further deals with specific design of intrusion detection architecture based on user anomaly behavior.  ...  Acquired results of simulation assign expediencies of using neural network SOM in the intrusion detection systems.  ...  The analyzer uses the detection policy database for this purpose. The latter comprises the following elements: attack signatures, normal behavior profiles, and necessary parameters.  ... 
doi:10.1109/ines.2012.6249817 fatcat:i5qordx7gjaf7i7atmaaftjfve

Stochastic protocol modeling for anomaly based network intrusion detection

J.M. Estevez-Tapiador, P. Garcia-Teodoro, J.E. Diaz-Verdejo
2003 First IEEE International Workshop on Information Assurance, 2003. IWIAS 2003. Proceedings.  
1 A new method for detecting anomalies in the usage of protocols in computer networks is presented in this work. The proposed methodology is applied to TCP and disposed in two steps.  ...  Once the model is built it is possible to use it as a representation of the normal usage of the protocol, so that deviations from the behavior provided by the model can be considered as a sign of protocol  ...  In anomaly detection the main objective is to model normal profiles of the system, so that substantial deviations from this behavior can be labeled as intrusive or, at least, as suspicious.  ... 
doi:10.1109/iwias.2003.1192454 dblp:conf/iwia/Estevez-TapiadorGD03 fatcat:zdu3zjyj6rdf3l2rggjq4yizf4

Intrusion Detection System Using Back Propagation Algorithm and Compare its Performance with Self Organizing Map

Subarna Shakya, Bisho Raj Kaphle
2016 Journal of Advanced College of Engineering and Management  
On the other hand, network intrusion and information safety problems are ramifications of using internet.  ...  The main function of Intrusion Detection System is to protect the resources from threats.  ...  .  CPU usage -The typical CPU usage patterns of a user.  Memory usage -The typical usage of memory for a user. .5 illustrates how a complete system for the detection of user behavioral anomalies is  ... 
doi:10.3126/jacem.v1i0.14930 fatcat:4yzk6ns6nvg75arueiso6ihcz4

DB-OLS: An Approach for IDS

Vikas Pareek, Aditi Mishra, Arpana Sharma, Rashmi, Shruti Bansal
2010 International Journal of Peer to Peer Networks  
In this model "Self Organizing Map" approach is to be used for behavior learning and "Outlier mining" approach, for detecting an intruder by calculating deviation from known user profile.  ...  We propose a model "DB-OLS: An Approach for IDS" which is a Deviation Based-Outlier approach for Intrusion detection using Self Organizing Maps.  ...  [3] proposed -"A new intrusion detection system using support vector machines and hierarchical clustering" a method which has scalable solutions for detecting network based anomalies by support vector  ... 
doi:10.5121/ijp2p.2010.1103 fatcat:rqlj5zqppzadhmrznb6hbcih2e

System approach to intrusion detection using hidden Markov model

Rahul Khanna, Huaping Liu
2006 Proceeding of the 2006 international conference on Communications and mobile computing - IWCMC '06  
In this paper we discuss a hidden Markov model (HMM) strategy for intrusion detection using a multivariate Gaussian model for observations that are then used to predict an attack that exists in a form  ...  We use this method to predict the intrusion states based on observation deviation from normal profiles or by fitting it into an appropriate attack profile.  ...  vector quantization (LVQ).  ... 
doi:10.1145/1143549.1143619 dblp:conf/iwcmc/KhannaL06 fatcat:j2q4tc6ftfbednxwo7piyuobdy

A Novel Approach to Combine Misuse Detection and Anomaly Detection Using POMDP in Mobile Ad-Hoc Networks

Mohsen Imani
2015 International Journal of Information and Electronics Engineering  
Anomaly detection is able to detect unknown attacks but false positive rate in anomaly detection responses is so high.  ...  Misuse detection is a technique which is used commonly by intrusion detection systems to match the attacksignature pattern in mobile ad hoc networks.  ...  The anomaly detection technique involves looking for behavior which is outside the normal expected behavior.  ... 
doi:10.7763/ijiee.2015.v5.538 fatcat:ni4ez4df55gixomqevc4igmpym

Self Organizing Maps to Build Intrusion Detection System

V. K. Pachghare, Vivek A. Patole, Dr. Parag Kulkarni
2010 International Journal of Computer Applications  
Many methods have been proposed for the development of intrusion detection system using artificial intelligence technique.  ...  At the end of the paper we will figure out the advantages and disadvantages of Self Organizing Maps and explain how it is useful for building an Intrusion Detection System.  ...  While an anomaly based intrusion detection system detect intrusions by searching for abnormal network traffic.  ... 
doi:10.5120/191-328 fatcat:vqve7eyquzfk7dxraalujipcle

Intrusion Detection System Using Self Organizing Map Algorithms

Faezeh Mozneb khodaie, Mohammad Ali Jabraeil Jamali, Ali Farzan
2014 International Journal of Computer Applications Technology and Research  
Many methods have been proposed for the development of intrusion detection system using artificial intelligence technique.  ...  Among the methods used to detect attacks in intrusion detection is done, In this paper we investigate the Self-Organizing Map method.  ...  Anomaly detection approaches the problem by attempting to find deviations from the established patterns of usage.  ... 
doi:10.7753/ijcatr0309.1010 fatcat:vg7tayod5rdxdfebsk2hbl7yfi

Machine Learning for Microcontroller-Class Hardware – A Review [article]

Swapnil Sayan Saha, Sandeep Singh Sandha, Mani Srivastava
2022 arXiv   pre-print
Recently, researchers have used a specialized model development cycle for resource-limited applications to ensure the compute and latency budget is within the limits while still maintaining the desired  ...  This paper highlights the unique challenges of enabling onboard machine learning for microcontroller class devices.  ...  • We illustrate a coherent and closed-loop workflow of ML model development and deployment for microcontrollers. We delineate each block in the workflow, providing both  ... 
arXiv:2205.14550v1 fatcat:osh2kxish5crbkgbuc3dr5amgu

SoK: A Systematic Review of Insider Threat Detection

Aram Kim, Junhyoung Oh, Jinho Ryu, Jemin Lee, Kookheui Kwon, Kyungho Lee
2019 Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications  
Finally, the detection approaches used in related studies are examined from the perspective of technology, learning, input category, detection target, and interpretability.  ...  Second, we explore the sensors which make possible detecting insider threats in an automated way, and the public datasets available for research.  ...  For real-time usage profiling, they used system call data. Brdiczka et al.  ... 
doi:10.22667/jowua.2019.12.31.046 dblp:journals/jowua/KimORLKL19 fatcat:qdw2eruvijhdjc3qsiit6yblda

The model of an anomaly detector for HiLumi LHC magnets based on Recurrent Neural Networks and adaptive quantization

Maciej Wielgosz, Matej Mertik, Andrzej Skoczeń, Ernesto De Matteis
2018 Engineering applications of artificial intelligence  
This paper focuses on an examination of an applicability of Recurrent Neural Network models for detecting anomalous behavior of the CERN superconducting magnets.  ...  Three different datasets were used for testing the detector.  ...  It showed that RNNs are in fact able to model magnets behavior. However, it has several drawbacks that make it hard to use in practical anomaly detection applications.  ... 
doi:10.1016/j.engappai.2018.06.012 fatcat:lfp5lfwxsbbepgjyrbqw3z3bwe
« Previous Showing results 1 — 15 out of 714 results