Wei Pan,Weihua Li

DOI: https://doi.org/10.1007/11576235_58

2005-01-01

Abstract:Intrusion Detection is an essential and critical component of network security systems. The key ideas are to discover useful patterns or features that describe user behavior on a system, and use the set of relevant features to build classifiers that can recognize anomalies and known intrusions, hopefully in real time. In this paper, a hybrid neural network technique is proposed, which consists of the self-organizing map (SOM) and the radial basis function (RBF) network, aiming at optimizing the performance of the recognition and classification of novel attacks for intrusion detection. The optimal network architecture of the RBF network is determined automatically by the improved SOM algorithm. The intrusion feature vectors are extracted from a benchmark dataset (the KDD-99) designed by DARPA. The experimental results demonstrate that the proposed approach performance especially in terms of both efficient and accuracy.

Xiaotao Wei,Houkuan Huang,Shengfeng Tian

DOI: https://doi.org/10.1007/11760191_38

2006-01-01

Abstract:A modified RBF (radial basis function)-based neural network is proposed for network anomaly detection. Special attention is given to the determination of the parameters of the hidden layer. We propose a novel grid-based approach to compress and cluster the training data. The number, center and radii of the RBFs are determined according to the clustering result. At the detecting stage, we expand each input node with a sigmoid function to meet the type of input data. Experimental result on KDD 99 intrusion detection datasets shows that our RBF based IDS has high detection rate while maintaining a low false positive rate. It also shows the remarkable ability of our IDS to detect new type of attacks.

ZHAO Jian-hua,LI Wei-hua

DOI: https://doi.org/10.3969/j.issn.1000-3428.2012.12.032

2012-01-01

Abstract:In order to improve the classification effectiveness of Self-organizing feature Mapping(SOM) neural network,this paper designs a Supervised Self-organizing feature Mapping(SSOM) network,which adds output layer into the network structure based on input layer and competitive layer.According to different prediction category of input samples,SSOM selects different formula to adjust weights and train network.Through combinations of two weights,SSOM realizes the regression and statistic of the sample classes.Experiments on KDD CUP99 dataset show that SSOM has better classification ability and higher intrusion detection rate.

Jing Bi,Kun Zhang,Xiaojing Cheng

DOI: https://doi.org/10.1109/ieec.2009.80

2009-01-01

Abstract:Radial Basis Function (RBF) has been one of the most common neural networks used in the intrusion detection system(IDS). To improve the approximation performance and calculation speed of RBF, we describe a method to deal with the benchmark datasets adopted in the research. It includes converting the string to numeric elements firstly, then omitting the unnecessary data and ensuring that the data has the reasonable range limit. The simulation results built upon Matlab software show that the RBF neural network has better performance than BP neural network.

Yichun Peng,Yi Niu,Qiwei Hu

DOI: https://doi.org/10.1109/CIS.2012.128

2012-01-01

Abstract:As an active and dynamic security-defense technique, intrusion detection can detect the interior and exterior attacks, and it plays an important role in assuring the network security. A radial basis function (RBF) neural network learning algorithm based on immune recognition algorithm which based on the clonal selection principle recognition principle was studied. In the algorithm, the input data was regarded as antigens, and antibodies are regarded as the hidden layer centers. The weights of the output layer are determined by adopting the Recursive least square method, which can improve convergence speed and precision of the RBF neural network. This algorithm was applied to Intrusion Detection Systems. Theory and experiment show that this algorithm has better ability in intrusion detection, and can be used to improve the efficiency of intrusion detection, reduce the false alarm rate.

王亚,熊焰,龚旭东,陆琦玮

DOI: https://doi.org/10.3778/j.issn.1002-8331.1212-0089

2013-01-01

Computer Engineering and Applications Journal

Abstract:For anomaly intrusion detection in network security, this paper proposes a method of establishing the optimal neural network intrusion model. It improves particle swarm optimization algorithm by chaos perturbation. And it optimizes Radial Basis Function(RBF)neural network intrusion model. The subset features of network and RBF neural network parameters are considered as a particle. It uses the inter particle exchange of information and collaboration to find the global optimal particle extremum quickly. The simulation experiment is carried out on KDD Cup99 datasets. The simulation results show that it is a high detection ratio and fast speed network intrusion detection model.

Dianbo Jiang,Yahui Yang,Min Xia

DOI: https://doi.org/10.1109/IAS.2009.247

2009-01-01

Abstract:Neural networks approach is an advanced methodology used for intrusion detection. As a type of neural network, Self-organizing Maps (SOM) is getting more attention in the field of intrusion detection.In this paper, some improvements on SOM algorithm are made in order to increase detection rate and improve the stability of intrusion detection, include: (1) Modify the strategy of “winner-take-all” to decrease underutilized or completely unutilized neurons. (2) Introduce interaction weight which describes the effect between each neuron in the output layer to enhance the relationships between the input pattern and the weights of all the nodes when adjusting weights; The improved SOM is implemented and applied to the intrusion detection. The validities and feasibilities of the improved SOM are confirmed through experiments on KDD Cup 99 datasets. The experiment result shows that the detection rate has been increased by employing the improved SOM.

Jiang Zhong,Yong Feng,Chunxiao Ye,Ling Ou,Zhiguo Li

DOI: https://doi.org/10.1109/ICNC.2007.269

2007-01-01

Abstract:An RBFNN can be regarded as a feedforward artificial neural network with a single layer of hidden units, whose responses are the output of radial basis functions (RBFs). The central problem in training a radial basis function neural network is the selection of hidden layer neurons, which includes the selection of the center and width of those neurons. In this paper, we propose a method to select hidden layer neurons based on multiple granularities immune network, and then, training a cosine RBF neural network base on gradient descent learning process. Also, the new method is applied for intrusion detection and it is observed that the proposed approach gives better performance over some traditional approaches.

Zhifeng Chen,Peide Qian

DOI: https://doi.org/10.1109/iita.2009.154

2009-01-01

Abstract:Detecting all kinds of intrusions efficiently is significant to network security. Radial basis function (RBF) neural network is a kind of feed forward neural network, which is widely employed as a real-time pattern classification. In RBF neural network, the center of radial basis function, the variance of radial basis of function and the weight have to be chosen. If they are not appropriately chosen, the RBF neural network may degrade validity and accuracy of modeling. Particle swarm optimization algorithm (PSO) is a member of the wide category of swarm intelligence methods to solve non-linear programming problems. PSO has proved to be competitive with genetic algorithm (GA) in parameter optimization. So PSO is used to optimize the RBF neural network parameters in this work. Therefore, the novel combination method based on RBF neural network and PSO (PSO-RBFNN) is adapted to network intrusion detection. The experimental results show that the proposed model is superior to the conventional RBF neural network.

Junfei Qiao,Fei Li,Cuili Yang,Wenjing Li,Ke Gu

DOI: https://doi.org/10.1109/jas.2019.1911852

2020-01-01

IEEE/CAA Journal of Automatica Sinica

Abstract:Radial basis function neural network（RBFNN） is an effective algorithm in nonlinear system identification. How to properly adjust the structure and parameters of RBFNN is quite challenging. To solve this problem, a distance concentration immune algorithm（DCIA） is proposed to self-organize the structure and parameters of the RBFNN in this paper. First, the distance concentration algorithm, which increases the diversity of antibodies, is used to find the global optimal solution. Secondly,the information processing strength（IPS） algorithm is used to avoid the instability that is caused by the hidden layer with neurons split or deleted randomly. However, to improve the forecasting accuracy and reduce the computation time, a sample with the most frequent occurrence of maximum error is proposed to regulate the parameters of the new neuron. In addition, the convergence proof of a self-organizing RBF neural network based on distance concentration immune algorithm（DCIA-SORBFNN） is applied to guarantee the feasibility of algorithm. Finally, several nonlinear functions are used to validate the effectiveness of the algorithm. Experimental results show that the proposed DCIASORBFNN has achieved better nonlinear approximation ability than that of the art relevant competitors.

XU Xin-zheng

DOI: https://doi.org/10.3321/j.issn:1002-8331.2007.14.023

2007-01-01

Computer Engineering and Applications Journal

Abstract:In this paper,the model of adaptive radial base function neural network is presented.In this model,SOM neural network,as a cluster network,performed unsupervised learning and weight vectors belonging to its output nodes are transmitted to the hidden nodes in RBF network as the centers of RBF activation function,as a result one to one correspondence relationship is realized between the output nodes in SOM and the hidden nodes in RBF network.RBF network,as a basic network,performed the nonlinear mapping from input nodes to hidden nodes using Gauss function and linear mapping from hidden nodes to output nodes using supervised learning algorithm.The results of simulation on the recognition of the set of English character are shown to prove the proposed networks have good performance.

Duan Yuqian,He Jiali

DOI: https://doi.org/10.3321/j.issn:1000-1026.2000.21.006

2000-01-01

Abstract:To improve the study efficiency and reduce the training time, a new method based on radial basis function network (RBFN) to perform the neural network based distance protection is put forward. Compared with the one based on BP network, this method spends less training time. The test results show that the neural network based distance protection based on RBFN is feasible and efficient and has the good performance of pattern recognition. This project is supported by National Natural Science Foundation of China (No. 59907002).

Jiang Zhong,Zhiguo Li,Yong Feng,Cunxiao Ye

DOI: https://doi.org/10.1109/ISDA.2006.253762

2006-01-01

Abstract:Recently the machine learning-based intrusion detection approaches have been subjected to extensive researches because they can detect both misuse and anomaly. In this paper, we propose a new method to design classifier based on multiple granularities immune network. Firstly a multiple granularities immune network (MGIN) algorithm is employed to reduce the data and get the candidate hidden neurons and construct an original RBF network including all candidate neurons. Secondly, the removing redundant neurons procedure is used to get a smaller network. Experimental results on the real network data set show that the new classifier has higher detection and lower false positive rate than traditional RBF classifier.

Dimitris Gavrilis,Evangelos Dermatas

DOI: https://doi.org/10.1016/j.comnet.2004.08.014

IF: 5.493

2005-06-01

Computer Networks

Abstract:In this paper we present and evaluate a Radial-basis-function neural network detector for Distributed-Denial-of-Service (DDoS) attacks in public networks based on statistical features estimated in short-time window analysis of the incoming data packets. A small number of statistical descriptors were used to describe the DDoS attacks behaviour, and an accurate classification is achieved using the Radial-basis-function neural networks (RBF-NN). The proposed method is evaluated in a simulated public network and showed detection rate better than 98% of DDoS attacks using only three statistical features estimated from one window of data packets of 6s length. The same type of experiments were carried out on a real network giving significantly better results: a 100% DDoS detection rate is achieved followed by a 0% of false alarm rate using different statistical descriptors and training conditions for the RBF-NN.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Min HAN,Pi-Suo CUI

DOI: https://doi.org/10.3969/j.issn.1003-6059.2006.01.017

2006-01-01

Pattern Recognition and Artificial Intelligence

Abstract:The problem of training RBF (Radial Basis Function) neural network for pattern recognition is considered.In this paper,taking account of the specific feature of classification problem,a new training algorithm based on the regional mapping and novelty condition of RAN (Resource Allocating Network) is proposed.The results show the effectiveness of the proposed approach in RBF network training for pattern recognition,mainly in shortening the learning time,simplifying the structure of network and improving the classification accuracy.

Wing W. Y. Ng,Aki P. F. Chan,Daniel S. Yeung,Eric C. C. Tsang

DOI: https://doi.org/10.1007/11739685_89

2006-01-01

Abstract:High precision and low false alarm rate are the two most important characteristics of a good Intrusion Detection System (IDS). In this work, we propose to construct a host-based IDS for detecting flooding-based Denial of Service (DoS) attacks by minimizing the generalization error bound of the IDS to reduce its false alarm rate and increase its precision. Radial basis function neural network (RBFNN) will be applied in the IDS. The generalization error bound is formulated based on the stochastic sensitivity measure of RBFNN. Experimental results using artificial datasets support our claims.

Min Han,Wei Guo,Yunfeng Mu

DOI: https://doi.org/10.1109/IJCNN.2007.4371356

2007-01-01

Abstract:This paper presents a modified radial basis function (RBF) neural network for pattern recognition problems, which uses a hybrid learning algorithm to adaptively adjust the structure of the network. Two strategies are used to attain the compromise between the network complexity and accuracy, one is a modified "novelty" condition to create a new neuron in the hidden layer; the other is a pruning technique to remove redundant neurons and corresponding connections. To verify the performance of the modified network, two pattern recognition simulations are completed. One is a two-class pattern recognition problem, and the other is a real-world problem, internal component recognition in the field of architecture engineering. Simulation results including final hidden neurons, error, and accuracy using the method proposed in this paper are compared with performance of radial basis functional link network, resource allocating network and RBF neural network with generalized competitive learning algorithm. And it can be concluded that the proposed network has more concise architecture, higher classifier accuracy and fewer running time.

Yi Niu,Qilun Zheng,Hong Peng,Liping Liu

2007-01-01

Abstract:With the widespread application of large and complicated network, network safety has become an important issue. In this paper, a security operation center (SOC) concept based, on multi-sensor data fusion technology is Presented from the viewpoint of the network security. A structure of a SOC system based on radial basis function neural (RBFN) network is proposed, and the detailed method of data fusion in SOC is discussed. A prototype of SOC system is developed according to this structure of the SOC, Experimental results indicate that the SOC system, based on RBFN network can increase greatly the correctness of detection intrusion. and decrease the rate of false positive.

Prasenjit Dey,Dhananjoy Bhakta

DOI: https://doi.org/10.1007/s40009-023-01223-0

2023-02-23

National Academy Science Letters

Abstract:There exist many intrusion detection systems (IDSs) to provide privacy and security to user data in networks. However, these models are prone to generate high false alarms due to large amounts of noisy data and large feature dimensions. This work aims to achieve a robust IDS by using a hybrid classification model consisting of random forest (RF) and support vector machine (SVM), called RF-SVM. Here, a novel feature optimization technique based on RF has been proposed to optimize the original feature space. Later, SVM is used over the optimized feature space for classification. To test the performance of the proposed model, both scenarios: (i) Anomaly detection and (ii) Signature detection, have been considered. For anomaly detection, binary SVM is used, where the data contain two classes: (i) Normal and (ii) Attack types, whereas, for attack signature detection, multi-class SVM is used to detect each attack type. Simulation results on four standard data sets: (i) NSL-KDD, (ii) ISCX-URL2016, (iii) CICDarknet2020 and (iv) CICDoHBrw2020 demonstrate that the proposed model shows better accuracy and false alarm rate (FAR) compared to other state-of-the-art models.

multidisciplinary sciences

Jianhong Gao,Lixin Xu,Yaping Dai

DOI: https://doi.org/10.1109/wcica.2004.1342338

2004-01-01

Abstract:Self-organizing map (SOM) neural network and pattern recognition methods were applied in this system. A two-layered SOM network was designed, containing SOM1 and SOM2. SOM1 was designed to distinguish attack patterns from normal ones, and SOM2 was designed to point out the specific type of attack patterns. The KDD benchmark dataset from the International Knowledge Discovery and Data Mining Tools Competition was employed for training and testing our prototype, and divergences were calculated for feature selection. Finally, 4 chief features were employed as input of the two SOMs. From our experimental results with different network data, our scheme achieved more than 98 percent detection rate and less than 2 percent false alarm rate, it could provide a precise and efficient way for implementing the classifier in intrusion detection.