Abstracts
Generally, Intrusion Detection Systems (IDS) identify attacks using two methods: by signatures, which are specifically defined elements of network traffic that can be identified, and by anomalies, which are deviations from the network behaviour assumed to be normal. Recently, some attempts have been made to implement artificial intelligence methods for the detection of attacks. Many such implementations use, for the testing and learning process, the data set provided by the KDD (Knowledge Discovery and Data Mining Competition) project in 1999. Unfortunately, the KDD99 data set was created more than eight years ago, and during this time many new attacks have been discovered. In this paper we present our research on updating the KDD99 data with traces of attacks of new types. After updating, the data set was used for training and testing an MLP (Multi Layer Perceptron) neural network architecture IDS.
Pages
51--59
Physical description
Bibliography: 10 items, figures, tables.
Authors
author
- Institute of Telecommunications, Warsaw University of Technology, Nowowiejska 15/19, 00-665 Warsaw, Poland
author
- Institute of Fundamental Technological Research, Polish Academy of Sciences, Swietokrzyska 21, 00-049 Warsaw, Poland
Bibliography
- [1] Lee W., Stolfo S. J., A framework for constructing features and models for intrusion detection systems, ACM Transactions on Information and System Security (TISSEC) 3(4) (2000): 227–261.
- [2] Rutkowski L., Metody i Techniki Sztucznej Inteligencji (in Polish) (PWN, Warszawa, 2005).
- [3] Lee W., Stolfo S.J., Data mining approaches for intrusion detection, Proc. of the Seventh USENIX Security Symposium (SECURITY ’98) (San Antonio, 1998).
- [4] Lippmann R., Haines J. W., Fried D. J. et al., The 1999 DARPA off-line intrusion detection evaluation, Computer Networks: The International Journal of Computer and Telecommunications Networking 34 (2000): 579–595.
- [5] Paxson V., Bro: A system for detecting network intruders in real time, Proceedings of the 7th USENIX Security Symposium (San Antonio, 1998).
- [6] Elkan Ch., Results of the KDD’99 classifier-learning contest (1999), http://www.cse.ucsd.edu/#elkan/clresults.html.
- [7] Osowski S., Sieci Neuronowe do Przetwarzania Informacji (in Polish) (Oficyna Wydawnicza Politechniki Warszawskiej, Warszawa 2000), ISBN: 83-7207-187-X.
- [8] Kukielka P., Kotulski Z., Analysis of different architectures of neural networks for application in intrusion detection systems, International Multiconference on Computer Science and Information Technology (Wisła, 2008): 20–22.
- [9] The Metasploit Project, www.metasploit.com.
- [10] Bro-Intrusion Detection System, www.bro-ids.org.
Document type
Bibliography
YADDA identifier
bwmeta1.element.baztech-9d092be2-f157-4e3a-87f3-fbe455618e5e