CCE Faculty Proceedings, Presentations, Speeches and Lectures
Multiple Self-Organizing Maps for Intrusion Detection
Event Name/Location
Baltimore, MD / 2000
Presentation Date
10-2000
Document Type
Conference Proceeding
Proceedings Title
Proceedings of the 23rd National Information Systems Security Conference
Description
While many techniques have been explored for detecting intrusive or abnormal behavior on computer systems, approaches that involve pattern matching, expert systems, and traditional neural networks require detectors to either be crafted by hand or trained upon examples of known intrusions. We argue that neural networks capable of unsupervised learning can provide a powerful supplement to these techniques. After learning the characteristics of normal traffic or user behavior, these networks can identify abnormalities without relying on expectations of what abuse will look like. This paper analyzes the potential of the Kohonen self-organizing map to narrow the envelope of intrusive behaviors that would not be caught by a detection system.
NSUWorks Citation
Cannady, James D. Jr.; Rhodes, Brandon Craig; and Mahaffey, James A., "Multiple Self-Organizing Maps for Intrusion Detection" (2000). CCE Faculty Proceedings, Presentations, Speeches and Lectures. 560.
https://nsuworks.nova.edu/gscis_facpres/560
COinS