Anomaly-based detection using synergetic neural network

Abstract

Network traffic anomaly detection has become a popular research tendency, as it can detect new type attacks in real time. However, the network traffic appears as a complex dynamic system, causing by the collaboration of many network factors. Although various methods have been proposed to detect anomalies, they are mostly based on the traditional statistical physics. In these methods, all factors are integrated to analyze the variation of the network traffic. But in fact, the changing trend of the network traffic at some moment is only determined by a few primary factors. This paper presents a non-statistical network traffic anomaly detection method based on the synergetic neural networks. In our method, a synergetic dynamic equation based on the order parameters is used to describe the complex behavior of the network traffic system. When the synergetic dynamic equation is evolved, only the order parameter determined by the primary factors can converge to 1. Therefore, the network traffic anomaly can be detected by referring to the primary factors. We evaluate our approach using the intrusion evaluation data set of the network traffic provided by the defense advanced research projects agency (DARPA). Experiment results show that our approach can effectively detect the network anomaly and achieve high detection probability and low false alarms rate.