| As an active security-defense technique, intrusion detection system (IDS) offers real-time protect against interior or exterior attack, and mistaken operation. It can intercept or give response to the intrusion before the network is in invasion. However, nowadays the intrusion detection system is facing great challenges, more and more complicated computer network system, wiser intrusion means and the raising constantly of the speed of the network requiring the intrusion detection technique to improve speed about process data and decrease false positive and false negative, at the same time IDS be asked to find out unknown attack.In this dissertation, the existing intrusion detection models and techniques are elaborated first. Aiming at some key problems of IDS, some intrusion detection model based on neural network are designed which integrate other techniques such as SOM, PCA so on. Then the experiments on the Intrusion detection benchmark datasets confirm their validities and feasibilities.Main contributions of these studies include the following parts:According to the standard of KDDCUP'99 and by adopting numeric mixed coding, 41 features of the captured network packets are extracted and transferred into numerical from which can be accepted by neural network.In this paper, the Self Organizing Map (SOM) learning and classification algorithms are modified. Then via the introduction of Match-degree, Reduction-rate and quantification error of reducing sample, a novel approach to intrusion detection based on Multi-layered modified SOM neural network and Principal Component Analysis (PCA) is proposed. In this model, PCA is applied to feature selection, and Multi-layered SOM is designed to subdivide the imprecise clustering in single-layered SOM layer by layer. Experimental results demonstrate that this model can provide a precise and efficient way for implementing the classifier in intrusion detection. |
PDF Full Text Request