Intrusion Detection Systems (IDS's) monitor the traffic in computer networks for detecting suspect activities. Connectionist techniques can support the development of IDS's by modeling 'normal' traffic. This paper presents the application of some unsupervised neural methods to a packet dataset for the first time. This work considers three unsupervised neural methods, namely, Vector Quantization (VQ), Self-Organizing Maps (SOM) and Auto-Associative Back-Propagation (AABP) networks. The former paradigm proves quite powerful in supporting the basic space-spanning mechanism to sift normal traffic from anomalous traffic. The SOM attains quite acceptable results in dealing with some anomalies while it fails in dealing with some others. The AABP model effectively drives a nonlinear compression paradigm and eventually yields a compact visualization of the network traffic progression. © Springer-Verlag Berlin Heidelberg 2007.
CITATION STYLE
Herrero, Á., Corchado, E., Gastaldo, P., Leoncini, D., Picasso, F., & Zunino, R. (2007). Intrusion detection at packet level by unsupervised architectures. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4881 LNCS, pp. 718–727). Springer Verlag. https://doi.org/10.1007/978-3-540-77226-2_72
Mendeley helps you to discover research relevant for your work.