A Distributed Hebb Neural Network for Network Anomaly Detection

  • Conference paper
Parallel and Distributed Processing and Applications (ISPA 2007)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 4742)

Abstract

One of the most challenging problems in anomaly detection is developing scalable algorithms capable of dealing with large audit data, network traffic data, or alert data. In this paper, a distributed neural network based on the Hebb rule is presented to improve the speed and scalability of inductive learning. Speed is improved by randomly splitting a large data set into disjoint subsets and presenting each subset to an independent neural network; these networks can be trained in a distributed manner, each one in parallel. The analysis of the completeness and risk bounds of competitive Hebb learning proves that the distributed Hebb neural network can avoid degrading accuracy compared with running a single algorithm on the entire data set. The experiments are performed on the KDD'99 data set, a standard intrusion detection benchmark. Comparisons with other approaches on the same benchmark demonstrate the effectiveness and applicability of the proposed method.

Editor information

Ivan Stojmenovic, Ruppa K. Thulasiram, Laurence T. Yang, Weijia Jia, Minyi Guo, Rodrigo Fernandes de Mello

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Tian, D., Liu, Y., Li, B. (2007). A Distributed Hebb Neural Network for Network Anomaly Detection. In: Stojmenovic, I., Thulasiram, R.K., Yang, L.T., Jia, W., Guo, M., de Mello, R.F. (eds) Parallel and Distributed Processing and Applications. ISPA 2007. Lecture Notes in Computer Science, vol 4742. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74742-0_30

  • DOI: https://doi.org/10.1007/978-3-540-74742-0_30

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74741-3

  • Online ISBN: 978-3-540-74742-0

  • eBook Packages: Computer Science, Computer Science (R0)
