Abstract
The application of Artificial Intelligence techniques to intrusion detection systems (IDS), mostly artificial neural networks (ANN), is becoming a mainstream and extremely effective approach to some of the current problems in this area. Nevertheless, the criteria for selecting the features used as inputs to the ANNs remain a problematic issue, which can be summarized as follows: the wider the detection spectrum of the selected features, the lower the performance efficiency of the process, and vice versa. This paper proposes a compromise between the two extremes: a model that uses Principal Component Analysis (PCA) as the feature-reduction algorithm, in order to maintain efficiency without hindering detection capacity. PCA uses a data model to reduce the size of the ANN's input vectors with minimal loss of information, consequently reducing the complexity of the neural classifier and keeping training times stable. A test scenario using an ANN-based IDS was developed for validation purposes. The results of the tests demonstrate the validity of the proposal.
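The reduction step the abstract describes can be sketched as follows. This is an added example, not code from the paper: the 12-feature traffic vectors are constructed data, the 99% retained-variance threshold is an assumption, and the function names are hypothetical.

```python
import numpy as np

def make_constructed_traffic(n=200, seed=0):
    """Constructed sample: 12 correlated features driven by 3 hidden factors."""
    rng = np.random.default_rng(seed)
    latent = rng.normal(size=(n, 3))
    mixing = np.kron(np.eye(3), np.ones((1, 4)))      # 3 x 12, four features per factor
    return latent @ mixing + 0.01 * rng.normal(size=(n, 12))

def fit_pca(X, retained=0.99):
    """Fit on training data; keep the fewest components reaching `retained` variance."""
    mean = X.mean(axis=0)
    # SVD of the centred data: rows of Vt are the principal directions.
    _, s, Vt = np.linalg.svd(X - mean, full_matrices=False)
    explained = np.cumsum(s ** 2) / np.sum(s ** 2)
    k = int(np.searchsorted(explained, retained) + 1)
    return mean, Vt[:k]

def project(X, mean, components):
    """Map raw feature vectors to the reduced vectors fed to the classifier."""
    return (X - mean) @ components.T

def reconstruction_error(X, mean, components):
    """Relative information lost by the reduction (0 means lossless)."""
    X_hat = project(X, mean, components) @ components + mean
    return float(np.linalg.norm(X - X_hat) / np.linalg.norm(X - mean))

if __name__ == "__main__":
    X = make_constructed_traffic()
    mean, comps = fit_pca(X)
    Z = project(X, mean, comps)
    print("input width:", X.shape[1], "-> reduced width:", Z.shape[1])
    print("relative reconstruction error:", reconstruction_error(X, mean, comps))
```

The `mean` and `components` fitted on training traffic must be stored and reused unchanged on live traffic, so the classifier sees inputs in the same reduced space it was trained on.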
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lorenzo-Fonseca, I., Maciá-Pérez, F., Mora-Gimeno, F.J., Lau-Fernández, R., Gil-Martínez-Abarca, J.A., Marcos-Jorquera, D. (2009). Intrusion Detection Method Using Neural Networks Based on the Reduction of Characteristics. In: Cabestany, J., Sandoval, F., Prieto, A., Corchado, J.M. (eds) Bio-Inspired Systems: Computational and Ambient Intelligence. IWANN 2009. Lecture Notes in Computer Science, vol 5517. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02478-8_162
DOI: https://doi.org/10.1007/978-3-642-02478-8_162
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02477-1
Online ISBN: 978-3-642-02478-8
eBook Packages: Computer Science, Computer Science (R0)