Hybrid Classification Approach Using Self-Organizing Map and Back Propagation Artificial Neural Networks for Intrusion Detection

This study is intended to enhance the accuracy of intrusion detection systems by combining supervised and unsupervised machine learning techniques. A hybrid approach is implemented in which both a supervised and an unsupervised technique are used. The unsupervised Self-Organizing Map (SOM) is used to identify normal/abnormal activities. A Back Propagation Neural Network (BPNN) is used to classify attack traffic into various types. The approach was applied to the NSL_KDD dataset of various normal/abnormal records, each represented by 41 features. The obtained results show that the proposed approach improved the performance and accuracy of the intrusion detection system: the implemented approach achieved up to a 98% detection rate, compared to previous methods that at best achieved a 96% detection rate. From the study and the results obtained, it can be concluded that the multi-tier classification approach improved the detection rate of the IDS, and that combining SOM and BPNN has proven to be an efficient approach. It is intended to extend this work by implementing different combination strategies involving methods that would result in further detection rate enhancement.
