Monitoring System Security Using Neural Networks and Support Vector Machines

  • S. Mukkamala
  • G. Janoski
  • A. Sung
Part of the Advances in Soft Computing book series (AINSC, volume 14)


Information assurance is an issue of serious global concern. The complexity, accessibility, and openness of the Internet and the World Wide Web have all increased the risk of information system security. Further, vulnerability assessment indicates that future terrorist attacks may take place in the cyberspace to cause mass disruptions. Developing effective methods for preventing and detecting intrusions and misuses, therefore, will be essential for assuring the security of computer systems that are at the core of various controls in the modern society. This paper concerns intrusion detection, an important issue in defensive information warfare. We describe an intrusion detection system using neural networks, as well as using SVM (support vectors machines)—a hitherto untried approach in this field. Both methods carry out the detection of specific exploitations by comparing user activity (such as recorded in command logs) against (real and synthetic) attack patterns belonging to different categories of intrusion. The aim of our design of the intrusion detection system is to be general, adaptable, and effective. Testing results based on real-world intrusion data are also presented.


information system security intrusion detection neural networks support vector machines 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ryan J, Lin M-J, Miikkulainen R (1998) Intrusion Detection with Neural Networks. Advances in Neural Information Processing Systems 10, Cambridge, MA: MIT PressGoogle Scholar
  2. 2.
    Kumar S, Spafford EH (1994) An Application of Pattern Matching in Intrusion Detection. Technical Report CSD-TR-94–013. Purdue UniversityGoogle Scholar
  3. 3.
    Luo J, Bridges SM (2000) Mining Fuzzy Association Rules and Fuzzy Frequency Episodes for Intrusion Detection. International Journal of Intelligent Systems, John Wiley & Sons, pp 15: 687–703Google Scholar
  4. 4.
    Demuth H, Beale M (2000) Neural Network Toolbox User’s Guide. MathWorks, Inc. Natick, MAGoogle Scholar
  5. 5.
    Sung AH (1998) Ranking Importance Of Input Parameters Of Neural Networks. Expert Systems with Applications, pp 15: 405–411.Google Scholar
  6. 6.
    Cramer M, et. al. (1995) New Methods of Intrusion Detection using Control-Loop Measurement. Proceedings of the Technology in Information Security Conference (TISC) ’85. pp 1–10Google Scholar
  7. 7.
    Debar H, Becke M, Siboni D (1992) A Neural Network Component for an Intrusion Detection System. Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy Google Scholar
  8. 8.
    Debar H, Dorizzi B (1992) An Application of a Recurrent Network to an Intrusion Detection System. Proceedings of the International Joint Conference on Neural Networks. pp 78–483Google Scholar
  9. 9.
    Denning D (FEB 1987 ) An Intrusion-Detection Model. IEEE Transactions on Software Engineering, Vol. SE-13, No 2.Google Scholar
  10. 10.
    Ghosh AK. (1999). Learning Program Behavior Profiles for Intrusion Detection.. USENIXGoogle Scholar
  11. 11.
    Cannady J. (1998) Artificial Neural Networks for Misuse Detection. National Information Systems Security ConferenceGoogle Scholar
  12. 12.
    Vladimir VN (1995) The Nature of Statistical Learning Theory. Springer, Berlin Heidelberg New YorkzbMATHGoogle Scholar
  13. 13.
    Joachims T (2000) SVMlight is an implementation of Support Vector Machines (SVMs) in C.—thorsten/svm_light/. University of Dortmund. Collaborative Research Center on ‘Complexity Reduction in Multivariate Data’ (SFB475)Google Scholar
  14. 14.
    Joachims T (1998) Making Large-Scale SVM Learning Practical. LS8-Report, University of Dortmund, LS VIII-ReportGoogle Scholar
  15. 15.
    Joachims T (2000) Estimating the Generalization Performance of a SVM Efficiently. Proceedings of the International Conference on Machine Learning, Morgan KaufmanGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • S. Mukkamala
    • 1
  • G. Janoski
    • 1
  • A. Sung
    • 1
  1. 1.Department of Computer ScienceNew Mexico Institute of Mining and TechnologySocorroUSA

Personalised recommendations