Computer Engineering and Applications ›› 2009, Vol. 45 ›› Issue (23): 115-117.DOI: 10.3778/j.issn.1002-8331.2009.23.032

• 网络、通信、安全 • Previous Articles     Next Articles

Application of self-organization map neural network in intrusion detection

JIA Wei-feng 1,2,ZHANG Feng-li1,TONG Bin1,WAN Ming-cheng1   

  1. 1.School of Computer Science and Engineering,UESTC,Chengdu 610054,China
    2.Anyang Normal University,Anyang,Henan 455000,China
  • Received:2008-05-06 Revised:2008-09-08 Online:2009-08-11 Published:2009-08-11
  • Contact: JIA Wei-feng

自组织映射神经网络在入侵检测中的应用

贾伟峰1,2,张凤荔1,童 彬1,万明成1   

  1. 1.电子科技大学 计算机科学与工程学院,成都 610054
    2.安阳师范学院,河南 安阳 455000
  • 通讯作者: 贾伟峰

Abstract: An intrusion detection method based on SOM is proposed.At training phase of the intrusion detection,SOM neural network is trained with labeled dataset and then label neurons with ‘normal’ or ‘attack’ according to the training result.During the procedure of detection,unknown data is determined whether it is normal or not according its’ BMU’s label.For validate the performance of this method,result of detection using SVM is compared to method proposed in this paper with KDD cup99 dataset,and the experiment shows that SOM based intrusion detection method has a better detection rate while consuming limit time.

摘要: 提出了一种基于SOM神经网络的入侵检测方法。该方法采用有标签的数据训练SOM神经网络,然后根据训练的结果标记正常数据和异常数据聚类的神经元。检测时则根据被检测数据的最佳匹配神经元的标签判断攻击是否发生。为验证检测的有效性,采用KDD cup99的训练集与测试集,将基于SOM的检测方法与基于SVM的检测方法的检测效果做了对比。实验结果表明:基于SOM的入侵检测方法具有检测率高、训练时间短和通用性强等特点。

CLC Number: