Abstract
A new evaluation mechanism was proposed to enhance the representation of data topology in the directed batch growth hierarchical self-organizing mapping. In the proposed mechanism, the growth threshold and the correlation worked in a case-sensitive manner through the statistic calculation of the input data. Since the proposed model enabled a more thorough representation of data topology from both the horizontal and the vertical directions, it naturally held great potential in detecting various traffic attacks. Numerical experiments of network intrusion detection were carried out on the datasets of KDD99, Moore and CICIDS2017, where the good performance validated the superiority of the proposed method.
Highlights
With the growth of the internet traffic generated by malwares, e.g. internet virus and worm attacks, the traffic attack becomes arguably the most hazardous network intrusion, which can disable computer programs, delete files, reformat hard disks, and especially cause network paralysis
The intelligent adaptive self-learning and self-organizing system for viruses detection based on the integration of the Artificial Immune Systems and Artificial Neural Networks was proposed in [1]; an automated traffic attacks classification approach based on the back propagation neural network was proposed in [2]; [3] proved that the Naive Bayes estimator can achieve high precision of traffic attack detection, et cetera
In order to address the limitation of the SE-DBGSOM, we propose a new model to detect attack data in network traffic, statistic-enhanced direct batch growth hierarchical self-organizing mapping (SE-DBGHSOM)
Summary
With the growth of the internet traffic generated by malwares, e.g. internet virus and worm attacks, the traffic attack becomes arguably the most hazardous network intrusion, which can disable computer programs, delete files, reformat hard disks, and especially cause network paralysis. In order to address the limitation of the SE-DBGSOM, we propose a new model to detect attack data in network traffic, statistic-enhanced direct batch growth hierarchical self-organizing mapping (SE-DBGHSOM). In order to further improve the classification accuracy of various attack data, multiple types of data mapped to the identical neuron are further extended based on SE-DBGSOM These units are identified by a rather high quantization error qei above the threshold T. If the cumulative error qei of the ith neuron is higher than T , a new map is added to the hierarchical structure, and the input data mapped to the i-th neuron in the upper mapping is self-organized of SE-DBGSOM again in this new map, until the cumulative error of each neuron does not meet Eq 3 Note that this may not necessarily lead to a balanced hierarchy. The depth of the hierarchy will rather reflect the uniformity which should be expected in real-world data collections
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
