Beta-Hebbian Learning for Visualizing Intrusions in Flows

This research work focuses on Intrusion Detection (ID): identifying “anomalous” patterns that may be related to an attack on a system or a network. To detect such anomalies, this paper proposes the visualization of network flows for ID by applying a novel neural method called Beta Hebbian Learning (BHL). Four real-life traffic segments from the University of Twente datasets have been analysed by means of BHL. These datasets were gathered from a honeypot directly connected to the Internet, so they are guaranteed to contain real attack data. The results obtained by BHL provide clear evidence that the ID system clearly separates the different types of attacks present in each dataset and outperforms other well-known projection algorithms.
