A Hybrid Artificial Immune System and Self Organising Map for Network Intrusion Detection

H...............H

Show simple item record

dc.contributor.author Powers, Simon
dc.contributor.author He, Jun
dc.date.accessioned 2009-05-28T07:38:14Z
dc.date.available 2009-05-28T07:38:14Z
dc.date.issued 2009-05-28
dc.identifier.citation Powers , S & He , J 2009 , ' A Hybrid Artificial Immune System and Self Organising Map for Network Intrusion Detection ' Information Sciences , pp. 3024-3042 . en
dc.identifier.other PURE: 115356
dc.identifier.other dspace: 2160/2417
dc.identifier.uri http://hdl.handle.net/2160/2417
dc.description S. Powers and J. He. A Hybrid Artificial Immune System and Self Organising Map for Network Intrusion Detection. Information Sciences, 178 (15): 3024-3042, 2008 en
dc.description.abstract Network intrusion detection is the problem of detecting unauthorised use of, or access to, computer systems over a network. Two broad approaches exist to tackle this problem: anomaly detection and misuse detection. An anomaly detection system is trained only on examples of normal connections, and thus has the potential to detect novel attacks. However, many anomaly detection systems simply report the anomalous activity, rather than analysing it further in order to report higher-level information that is of more use to a security officer. On the other hand, misuse detection systems recognise known attack patterns, thereby allowing them to provide more detailed information about an intrusion. However, such systems cannot detect novel attacks. A hybrid system is presented in this paper with the aim of combining the advantages of both approaches. Specifically, anomalous network connections are initially detected using an artificial immune system. Connections that are flagged as anomalous are then categorised using a Kohonen Self Organising Map, allowing higher-level information, in the form of cluster membership, to be extracted. Experimental results on the KDD 1999 Cup dataset show a low false positive rate and a detection and classification rate for Denial-of-Service and User-to-Root attacks that is higher than those in a sample of other works. en
dc.format.extent 19 en
dc.language.iso eng
dc.relation.ispartof Information Sciences en
dc.title A Hybrid Artificial Immune System and Self Organising Map for Network Intrusion Detection en
dc.type Text en
dc.type.publicationtype Article (Journal) en
dc.contributor.institution Department of Computer Science en
dc.description.status Peer reviewed en


Files in this item

Files Size Format View

There are no files associated with this item.

This item appears in the following Collection(s)

Show simple item record

Search Cadair


Advanced Search

Browse

My Account