Neural Detection of Malicious Network Activities Using a New Direct Parsing and Feature Extraction Technique
Abstract
The aim of this thesis is to develop intrusion detection system (IDS) software that learns to detect and classify network attacks and intrusions from prior training data. Because the IDS must also operate in real-time applications, ways of improving its efficiency without sacrificing the probability of correct classification (PCC) are also considered. Knowledge Data and Discovery Cup 99 data is used to evaluate the IDS architecture. Two neural network (NN) architectures were designed and compared through simulation: the first architecture uses a single NN, while the second uses the merged output of three NNs in parallel. Results show that the three-parallel NN implementation has similar classification performance and a shorter training time than the single NN implementation. PCC is on the order of 93% for denial-of-service attacks and 96% for normal traffic. The classification results for the R2L and U2R attacks are poor due to the lack of available training data.
Document Details
- Document Type: Technical Report
- Publication Date: Sep 01, 2015
- Accession Number: ADA632376
Entities
People
- Cheng H. Low
Organizations
- Naval Postgraduate School