Abstract

Recent research indicates a lot of attempts to create an Intrusion Detection System that is capable of learning and recognizing attacks it faces for the first time. Benchmark datasets were created by the MIT Lincoln Lab and by the International Knowledge Discovery and Data Mining group (KDD). A few competitions were held and many systems developed. The overall preference was given to Expert Systems that were based on Decision Making Tree algorithms. This work is devoted to the problem of Neural Networks as means of Intrusion Detection. After multiple techniques and methodologies are investigated, we show that properly trained Neural Networks are capable of fast recognition and classification of different attacks. The advantage of the taken approach allows us to demonstrate the superiority of the Neural Networks over the systems that were created by the winner of the KDD Cups competition and later researchers due to their capability to recognize an attack, to differentiate one attack from another, i.e. classify attacks, and, the most important, to detect new attacks that were not included into the training set. The results obtained through simulations indicate that it is possible to recognize attacks that the Intrusion Detection System never faced before on an acceptably high level.

Library of Congress Subject Headings

Neural networks (Computer science); Computer networks--Security measures; Internet--Security measures; Computer security

Publication Date

10-17-2005

Document Type

Thesis

Student Type

Graduate

Department, Program, or Center

Computer Science (GCCIS)

Advisor

Leon Reznik

Advisor/Committee Member

Hans-Peter Bischof

Advisor/Committee Member

Roman Yampolskiy

Comments

Physical copy available from RIT's Wallace Library at QA76.87 .N68

Campus

RIT – Main Campus

Download

Share

COinS