Your SlideShare is downloading. ×
0
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Artificial neural network for misuse detection
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Artificial neural network for misuse detection

1,975

Published on

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,975
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
86
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1.  
  • 2. INTRUSION DETECTION SYSTEMS (IDS) • Host-based IDS • Network-based IDS • Vulnerability-assessment IDS COMPONENT OF Of IDS • An information source that provides a stream of event records • An analysis engine that identifies signs of intrusions • A response component that gene rates reactions based on the outcome of the analysis engine.
  • 3. NEURAL NETWORKS
  • 4. NEURAL NETWORK IDS PROTOTYPES 1. Percetron Model: A single neuron with adjustable synapses and threshold.
  • 5. 2 . Backpropagation Model 3. Perceptron-Backpropagation Hybrid Model
  • 6. Neural Network Intrusion Detection Systems • Computer attack • Typical characteristics of User • Computer Viruses • Malicious Software in Computer Network
  • 7. NEGPAIM MODEL
  • 8. NEURAL ENGINE • Based Anomaly intrusion detection • Establish profiles of normal user and compare user behaviors to those profiles • Investigation of total behaviors of the user Disadvantages • A statistical assumption is required
  • 9. IMPLEMENTATION • Uses Multi-layer Pecptron Network First Stage : 1. Training a set of historical Data 2. Only once for each user Second Stage: 1. Engine accept input Data 2. Compare with the historical Data
  • 10. IMPLEMENTATION OF ANN 1. Incorporating into Modified or Existing Expert system • The incoming Data is Filtered by Neural Network for suspicious event • The False alarm should be reduced Disadvantages: • Need for update to recognize the new attack
  • 11. 2. Neural Network as Stand alone System • Data is received from Network Stream and analyzed for misuse • Indicative of data is forwarded to automated intrusion response system
  • 12. LEVEL OF PROCESSING OF DATA LEVEL 1: The element of data is selected from packet as Protocol ID, Source Port, Destination Port, Source Address, Destination Address, ICMP type, ICMP Code, Raw data length, Raw. LEVEEL 2: Converting the nine element data to a standardized numeric representation. LEVEL 3: Conversion of result data into ASCII coma delimited format that could be used by Neural Network.
  • 13. ADVANTAGES OF ANN BASED MISUSE DETECTION • Analyzing the Data which is incomplete of distorted • Speed of neural Network • A particular event was indicative attack can be known • To Learn the characteristics of Misuse attack
  • 14. DISADVANTAGES OF ANN BASED MISUSE DETECTION • Need accurate training of the system • Black Box nature of the neural network • The weight and transfer function of various network nodes are Frozen after a network has achieved a level of success in identification of event
  • 15. The early results of tests of these technologies show significant promise, and our future work will involve the refinement of the approach and the development of a full-scale demonstration system
  • 16. THANK YOU
  • 17.  
  • 18. INTRUSION DETECTION SYSTEMS (IDS) • Host-based IDS • Network-based IDS • Vulnerability-assessment IDS COMPONENT OF Of IDS • An information source that provides a stream of event records • An analysis engine that identifies signs of intrusions • A response component that gene rates reactions based on the outcome of the analysis engine.
  • 19. NEURAL NETWORKS
  • 20. NEURAL NETWORK IDS PROTOTYPES 1. Percetron Model: A single neuron with adjustable synapses and threshold.
  • 21. 2 . Backpropagation Model 3. Perceptron-Backpropagation Hybrid Model
  • 22. Neural Network Intrusion Detection Systems • Computer attack • Typical characteristics of User • Computer Viruses • Malicious Software in Computer Network
  • 23. NEGPAIM MODEL
  • 24. NEURAL ENGINE • Based Anomaly intrusion detection • Establish profiles of normal user and compare user behaviors to those profiles • Investigation of total behaviors of the user Disadvantages • A statistical assumption is required
  • 25. IMPLEMENTATION • Uses Multi-layer Pecptron Network First Stage : 1. Training a set of historical Data 2. Only once for each user Second Stage: 1. Engine accept input Data 2. Compare with the historical Data
  • 26. IMPLEMENTATION OF ANN 1. Incorporating into Modified or Existing Expert system • The incoming Data is Filtered by Neural Network for suspicious event • The False alarm should be reduced Disadvantages: • Need for update to recognize the new attack
  • 27. 2. Neural Network as Stand alone System • Data is received from Network Stream and analyzed for misuse • Indicative of data is forwarded to automated intrusion response system
  • 28. LEVEL OF PROCESSING OF DATA LEVEL 1: The element of data is selected from packet as Protocol ID, Source Port, Destination Port, Source Address, Destination Address, ICMP type, ICMP Code, Raw data length, Raw. LEVEEL 2: Converting the nine element data to a standardized numeric representation. LEVEL 3: Conversion of result data into ASCII coma delimited format that could be used by Neural Network.
  • 29. ADVANTAGES OF ANN BASED MISUSE DETECTION • Analyzing the Data which is incomplete of distorted • Speed of neural Network • A particular event was indicative attack can be known • To Learn the characteristics of Misuse attack
  • 30. DISADVANTAGES OF ANN BASED MISUSE DETECTION • Need accurate training of the system • Black Box nature of the neural network • The weight and transfer function of various network nodes are Frozen after a network has achieved a level of success in identification of event
  • 31. The early results of tests of these technologies show significant promise, and our future work will involve the refinement of the approach and the development of a full-scale demonstration system
  • 32. THANK YOU

×