
Monitoring System Security Using Neural Networks and Support Vector Machines

  • Conference paper

Part of the book series: Advances in Soft Computing (AINSC, volume 14)

Abstract

Information assurance is an issue of serious global concern. The complexity, accessibility, and openness of the Internet and the World Wide Web have all increased the risk to information system security. Further, vulnerability assessment indicates that future terrorist attacks may take place in cyberspace to cause mass disruptions. Developing effective methods for preventing and detecting intrusions and misuse will therefore be essential for assuring the security of the computer systems that are at the core of various controls in modern society. This paper concerns intrusion detection, an important issue in defensive information warfare. We describe an intrusion detection system using neural networks, as well as one using support vector machines (SVMs), a hitherto untried approach in this field. Both methods detect specific exploitations by comparing user activity (such as that recorded in command logs) against real and synthetic attack patterns belonging to different categories of intrusion. The aim of our design of the intrusion detection system is to be general, adaptable, and effective. Testing results based on real-world intrusion data are also presented.




Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Mukkamala, S., Janoski, G., Sung, A. (2002). Monitoring System Security Using Neural Networks and Support Vector Machines. In: Abraham, A., Köppen, M. (eds) Hybrid Information Systems. Advances in Soft Computing, vol 14. Physica, Heidelberg. https://doi.org/10.1007/978-3-7908-1782-9_10


  • DOI: https://doi.org/10.1007/978-3-7908-1782-9_10

  • Publisher Name: Physica, Heidelberg

  • Print ISBN: 978-3-7908-1480-4

  • Online ISBN: 978-3-7908-1782-9

  • eBook Packages: Springer Book Archive
