
Anomaly Detection Using Fast SOFM

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 3252)

Abstract

Unlike host-based anomaly detection, network-based anomaly detection must cope with a huge volume of network traffic and therefore requires more efficient machine learning algorithms. This paper proposes a more efficient detection framework, based on the SOFM algorithm with a fast nearest-neighbor search strategy, to detect attacks. We apply the detection framework to the DARPA Intrusion Detection Evaluation Dataset. The results show that network attacks are detected with relatively low false alarms and greater efficiency. The performance of the anomaly detection model is improved greatly.




© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zheng, J., Hu, M., Fang, B., Zhang, H. (2004). Anomaly Detection Using Fast SOFM. In: Jin, H., Pan, Y., Xiao, N., Sun, J. (eds) Grid and Cooperative Computing - GCC 2004 Workshops. GCC 2004. Lecture Notes in Computer Science, vol 3252. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30207-0_66


  • DOI: https://doi.org/10.1007/978-3-540-30207-0_66

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23578-1

  • Online ISBN: 978-3-540-30207-0

  • eBook Packages: Springer Book Archive
