Research on Hybrid Neural Network in Intrusion Detection System
This paper presents an intrusion detection system of hybrid neural network model based on RBF and Elman. It is used for anomaly detection and misuse detection. This model has the memory function .It can detect discrete and related aggressive behavior effectively. RBF network is a real-time pattern classifier, and Elman network achieves the memory ability for former event. Based on the hybrid model intrusion detection system uses DARPA data set to do test evaluation. It uses ROC curve to display the test result intuitively. After the experiment it proves this hybrid model intrusion detection system can effectively improve the detection rate, and reduce the rate of false alarm and fail.
[1] Bivens A, Palagiri C, Smith R, Szymanski B. et al. Network-based
Intrusion Detection using Neural Networks. Proceeding of ANNIE-2002,
New York, ASME Press, 2002. 579-584.
[2] Yang Ke, Wang Li-Ping, Fang Ding-Yi. Program behavior anomaly
detection based on neural network. Dalian Ligong Daxue Xuebao/Journal
of Dalian University of Technology, v 45, n SUPPL., October, 2005, p
S136-S141.
[3] Azadi Avenue, Tehran, Iran. RT-UNNID: A practical solution to
real-time network-based intrusion detection using unsupervised neural
networks. Computers & Security, Volume 25, Issue 6, September 2006,
Pages 459-468.
[4] Guisong Liu, Zhang Yi and Shangming Yang. A hierarchical intrusion
detection model based on the PCA neural networks
Neurocomputing, Volume 70, Issues 7-9, March 2007, Pages 1561-1568.
[5] WeiShengJun, HuChangZhen, JiangFei. intrusion detection method (J)
based on BP neural network improved algorithm. Computer engineering
and application, 2005, (7) : 154-158.
[6] A. K. Ghosh, A. Schwartzbard. A study in using neural networks for
anomaly and misuse detection (A). In Proceedings of 8th USENIX
Security Symposium (C), San Washington: USENIX Association, 1999,
23-36.
[7] Adrian G. Bors. Introduction of the Radial Basis Function(RBF)
Networks. University of York UK. : Rbf.pdf.
[8] LuTao, ChenDeZhao. Radial basis network research progress and review
(J). Computer engineering and application, 2005, (4) : - 62.
[9] Elman, J.L. Finding structure in time. Cognitive Science, 1990, 14(2):
179-211.
[10] Sun Microsystems. Sun SHIELD Basic Security Module Guide.(BE/OL).
[11] S. A. Hofmeyr, S. Forrest, A. Somayaji. Intrusion detection
usingsequences of system calls(J), Journal of Computer Security,
1998,(3) 151-180.
[12] Cunningham R K, Lippmann R P, Fried D. J, et al. Evaluating Intrusion
Detection Systems without Attacking Your Friends: The 1998 DARPA
Intrusion Detection Evaluation. Proceedings of Third Conference and
Workshop on Intrusion Detection and Response. San Diego: CA,
1999.10-21.
[13] Lippmann R, Haines J W, Fried D J, et al. The 1999 DARPA Off-Line
Intrusion Detection Evaluation. Computer Networks, 2000,30(2). 14-26.
[1] Bivens A, Palagiri C, Smith R, Szymanski B. et al. Network-based
Intrusion Detection using Neural Networks. Proceeding of ANNIE-2002,
New York, ASME Press, 2002. 579-584.
[2] Yang Ke, Wang Li-Ping, Fang Ding-Yi. Program behavior anomaly
detection based on neural network. Dalian Ligong Daxue Xuebao/Journal
of Dalian University of Technology, v 45, n SUPPL., October, 2005, p
S136-S141.
[3] Azadi Avenue, Tehran, Iran. RT-UNNID: A practical solution to
real-time network-based intrusion detection using unsupervised neural
networks. Computers & Security, Volume 25, Issue 6, September 2006,
Pages 459-468.
[4] Guisong Liu, Zhang Yi and Shangming Yang. A hierarchical intrusion
detection model based on the PCA neural networks
Neurocomputing, Volume 70, Issues 7-9, March 2007, Pages 1561-1568.
[5] WeiShengJun, HuChangZhen, JiangFei. intrusion detection method (J)
based on BP neural network improved algorithm. Computer engineering
and application, 2005, (7) : 154-158.
[6] A. K. Ghosh, A. Schwartzbard. A study in using neural networks for
anomaly and misuse detection (A). In Proceedings of 8th USENIX
Security Symposium (C), San Washington: USENIX Association, 1999,
23-36.
[7] Adrian G. Bors. Introduction of the Radial Basis Function(RBF)
Networks. University of York UK. : Rbf.pdf.
[8] LuTao, ChenDeZhao. Radial basis network research progress and review
(J). Computer engineering and application, 2005, (4) : - 62.
[9] Elman, J.L. Finding structure in time. Cognitive Science, 1990, 14(2):
179-211.
[10] Sun Microsystems. Sun SHIELD Basic Security Module Guide.(BE/OL).
[11] S. A. Hofmeyr, S. Forrest, A. Somayaji. Intrusion detection
usingsequences of system calls(J), Journal of Computer Security,
1998,(3) 151-180.
[12] Cunningham R K, Lippmann R P, Fried D. J, et al. Evaluating Intrusion
Detection Systems without Attacking Your Friends: The 1998 DARPA
Intrusion Detection Evaluation. Proceedings of Third Conference and
Workshop on Intrusion Detection and Response. San Diego: CA,
1999.10-21.
[13] Lippmann R, Haines J W, Fried D J, et al. The 1999 DARPA Off-Line
Intrusion Detection Evaluation. Computer Networks, 2000,30(2). 14-26.
@article{"International Journal of Information, Control and Computer Sciences:56089", author = "Jianhua Wang and Yan Yu", title = "Research on Hybrid Neural Network in Intrusion Detection System", abstract = "This paper presents an intrusion detection system of hybrid neural network model based on RBF and Elman. It is used for anomaly detection and misuse detection. This model has the memory function .It can detect discrete and related aggressive behavior effectively. RBF network is a real-time pattern classifier, and Elman network achieves the memory ability for former event. Based on the hybrid model intrusion detection system uses DARPA data set to do test evaluation. It uses ROC curve to display the test result intuitively. After the experiment it proves this hybrid model intrusion detection system can effectively improve the detection rate, and reduce the rate of false alarm and fail.
", keywords = "RBF, Elman, anomaly detection, misuse detection,
hybrid neural network.", volume = "7", number = "4", pages = "491-5", }
