Traffic Attributes Correlation Mechanism based on Self-Organizing Maps for Real-Time Intrusion Detection 


Vol. 12,  No. 5, pp. 649-658, Oct.  2005
10.3745/KIPSTC.2005.12.5.649


PDF
  Abstract

Since the Network based attack is extensive in the real state of damage, It is very important to detect intrusion quickly at the beginning. But the intrusion detection using supervised learning needs either the preprocessing enormous data or the manager's analysis. Also it has two difficulties to detect abnormal traffic that the manager's analysis might be incorrect and would miss thereal time detectiom. In this paper, we propose a traffic attributes correlation analysis mechnism based on self-organization maps(SOM) for the real-time intrusion detection. The proposed mechnism has tree steps. First, with unsupervised learning build a map cluster composed of similar traffic. Second, label each map cluster to divide the map into normal traffic and abnormal traffic. In this step there is a rule which is created through the correlation analysis with SOM. At last, the mechanism would the process real-time detecting and updating gradually. During a lot of experiments the proposed mechanism has good performance in real-time intrusion to combine of unsupervised learning and supervised learning than that of supervised learning.

  Statistics
  Cite this article

[IEEE Style]

K. A. Hwang, H. Y. Oh, J. Y. Lim, K. J. Chae, J. C. Nah, "Traffic Attributes Correlation Mechanism based on Self-Organizing Maps for Real-Time Intrusion Detection," The KIPS Transactions:PartC, vol. 12, no. 5, pp. 649-658, 2005. DOI: 10.3745/KIPSTC.2005.12.5.649.

[ACM Style]

Kyoung Ae Hwang, Ha Young Oh, Ji Young Lim, Ki Joon Chae, and Jung Chan Nah. 2005. Traffic Attributes Correlation Mechanism based on Self-Organizing Maps for Real-Time Intrusion Detection. The KIPS Transactions:PartC, 12, 5, (2005), 649-658. DOI: 10.3745/KIPSTC.2005.12.5.649.

Forms

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

POPULAR KEYWORDS
(TOP 10 KEYWORDS)

Recent Publications
(LAST 3 YEARS)

Old Journals

Indexing

All publications of TKIPS is indexed in DOI, EBSCO, Google Scholar, Crossref, and CrossCheck.

TKIPS is also selected as the Journal for Accreditation by NRF (National Research Foundation of Korea).

Related Journals