Anomaly detection based intrusion detection

Dima Novikov, Rochester Institute of Technology
Roman V. Yampolskiy, University of Louisville
Leon Reznik, Rochester Institute of Technology


This work is devoted to the problem of Neural Networks as means of Intrusion Detection. We show that properly trained Neural Networks are capable of fast recognition and classification of different attacks. The advantage of the taken approach allows us to demonstrate the superiority of the Neural Networks over the systems that were created by the winner of the KDD Cups competition and later researchers due to their capability to recognize an attack, to differentiate one attack from another, i.e. classify attacks, and, the most important, to detect new attacks that were not included into the training set. The results obtained through simulations indicate that it is possible to recognize attacks that the Intrusion Detection System never faced before on an acceptably high level. © 2006 IEEE.