Abstract
Information assurance is an issue of serious global concern. The complexity, accessibility, and openness of the Internet and the World Wide Web have all increased the risk to information system security. Further, vulnerability assessment indicates that future terrorist attacks may take place in cyberspace to cause mass disruptions. Developing effective methods for preventing and detecting intrusions and misuse will therefore be essential for assuring the security of the computer systems at the core of various controls in modern society. This paper concerns intrusion detection, an important issue in defensive information warfare. We describe an intrusion detection system using neural networks, as well as one using support vector machines (SVMs), a hitherto untried approach in this field. Both methods detect specific exploitations by comparing user activity (such as that recorded in command logs) against real and synthetic attack patterns belonging to different categories of intrusion. The aim of our design is an intrusion detection system that is general, adaptable, and effective. Testing results based on real-world intrusion data are also presented.
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mukkamala, S., Janoski, G., Sung, A. (2002). Monitoring System Security Using Neural Networks and Support Vector Machines. In: Abraham, A., Köppen, M. (eds) Hybrid Information Systems. Advances in Soft Computing, vol 14. Physica, Heidelberg. https://doi.org/10.1007/978-3-7908-1782-9_10
DOI: https://doi.org/10.1007/978-3-7908-1782-9_10
Publisher Name: Physica, Heidelberg
Print ISBN: 978-3-7908-1480-4
Online ISBN: 978-3-7908-1782-9
eBook Packages: Springer Book Archive