Direct Batch Growth Hierarchical Self-Organizing Mapping Based on Statistics for Efficient Network Intrusion Detection

A new evaluation mechanism was proposed to enhance the representation of data topology in the directed batch growth hierarchical self-organizing mapping. In the proposed mechanism, the growth threshold and the correlation worked in a case-sensitive manner through the statistic calculation of the input data. Since the proposed model enabled a more thorough representation of data topology from both the horizontal and the vertical directions, it naturally held great potential in detecting various traffic attacks. Numerical experiments of network intrusion detection were carried out on the datasets of KDD99, Moore and CICIDS2017, where the good performance validated the superiority of the proposed method.

[1]  Richard Lippmann,et al.  The 1999 DARPA off-line intrusion detection evaluation , 2000, Comput. Networks.

[2]  Zhao Rong-chun Remote Sensing Target Recognition Based on SOM and SVM , 2002 .

[3]  A.N. Zincir-Heywood,et al.  On the capability of an SOM based intrusion detection system , 2003, Proceedings of the International Joint Conference on Neural Networks, 2003..

[4]  Zhi-Hua Zhou,et al.  SOM Ensemble-Based Image Segmentation , 2004, Neural Processing Letters.

[5]  S. T. Sarasamma,et al.  Hierarchical Kohonenen net for anomaly detection in network security , 2005, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[6]  Andrew W. Moore,et al.  Internet traffic classification using bayesian analysis techniques , 2005, SIGMETRICS '05.

[7]  Andrew W. Moore,et al.  Traffic Classification Using a Statistical Approach , 2005, PAM.

[8]  José Muñoz,et al.  Network Security Using Growing Hierarchical Self-Organizing Maps , 2009, ICANNGA.

[9]  Chih-Fong Tsai,et al.  A triangle area based nearest neighbors approach to intrusion detection , 2010, Pattern Recognit..

[10]  Sergei Bezobrazov,et al.  Neural Network Artificial Immune System for Malicious Code Detection , 2010 .

[11]  M. Punithavalli,et al.  An Integrated Framework for Mixed Data Clustering Using Growing Hierarchical Self-Organizing Map (GHSOM) , 2012 .

[12]  Chetan Gupta,et al.  Intrusion Detection based on K-Means Clustering and Ant Colony Optimization: A Survey , 2013 .

[13]  Andrew W. Moore,et al.  Discriminators for use in flow-based classification , 2013 .

[14]  Bandu B. Meshram,et al.  Evaluation of K-Means Clustering for Effective Intrusion Detection and Prevention in Massive Network Traffic Data , 2014 .

[15]  Araceli Sanchis,et al.  Sequential classifiers for network intrusion detection based on data selection process , 2016, 2016 IEEE International Conference on Systems, Man, and Cybernetics (SMC).

[16]  Jens Myrup Pedersen,et al.  Clustering analysis of malware behavior using Self Organizing Map , 2016, 2016 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (CyberSA).

[17]  Tohari Ahmad,et al.  Increasing performance of IDS by selecting and transforming features , 2016, 2016 IEEE International Conference on Communication, Networks and Satellite (COMNETSAT).

[18]  Kangfeng Zheng,et al.  Intrusion detection algorithm based on density, cluster centers, and nearest neighbors , 2016, China Communications.

[19]  Mamun Bin Ibne Reaz,et al.  Ensemble of binary SVM classifiers based on PCA and LDA feature extraction for intrusion detection , 2016, 2016 IEEE Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC).

[20]  Sadeq AlHamouz,et al.  Hybrid Classification Approach Using Self-Organizing Map and Back Propagation Artificial Neural Networks for Intrusion Detection , 2017, 2017 10th International Conference on Developments in eSystems Engineering (DeSE).

[21]  Mahdi Vasighi,et al.  A directed batch growing approach to enhance the topology preservation of self-organizing map , 2017, Appl. Soft Comput..

[22]  Alhadi Bustamam,et al.  Clustering self-organizing maps (SOM) method for human papillomavirus (HPV) DNA as the main cause of cervical cancer disease , 2017 .

[23]  Abdul Razaque,et al.  Intelligent intrusion detection system using clustered self organized map , 2018, 2018 Fifth International Conference on Software Defined Systems (SDS).

[24]  T. Abe,et al.  Viral population analysis of the taiga tick, Ixodes persulcatus, by using Batch Learning Self-Organizing Maps and BLAST search , 2019, The Journal of veterinary medical science.

[25]  Tao Feng,et al.  Statistics-Enhanced Direct Batch Growth Self-Organizing Mapping for Efficient DoS Attack Detection , 2019, IEEE Access.

[26]  Aris Spathis,et al.  An Artificial Intelligence Approach for the Detection of Cervical Abnormalities , 2019, International Journal of Reliable and Quality E-Healthcare.

[27]  Alberto Diaspro,et al.  Fourier Ring Correlation Simplifies Image Restoration in Fluorescence Microscopy , 2019 .

[28]  Guang Li,et al.  Fourier transform and correlation analysis for CSEM data processing , 2019 .

[29]  Baolong Zhang,et al.  The Study of an Improved Text Clustering Algorithm for Self-Organizing Maps , 2020 .

[30]  Lin Yang,et al.  A Survey on the Development of Self-Organizing Maps for Unsupervised Intrusion Detection , 2021, Mob. Networks Appl..