Hybrid intelligent systems for network security

Abstract

Society has grown to rely on Internet services, and the number of Internet users increases every day. As more and more users become connected to the network, the window of opportunity for malicious users to do their damage becomes very great and lucrative. The computer industry is combating the rising threat of malicious activity with new hardware and software products such as Intrusion Detection Systems, Intrusion Prevention Systems, and Firewalls. However, malicious users are constantly looking for ways to by-pass the security features of these products, and many times they will succeed. This paper describes a novel concept implemented for the purpose of computer and network security with hopes of using it to combat malicious user activity. A hybrid-intelligent system based on Bayesian Learning Networks and Self-Organizing Maps was created and used for classifying network and host based data collected within a Local Area Network. The KDD-CUP-99 data set was used to test this classification system, and the experimental results show that there is an advantage to using a hybrid system such as this because there was a significant improvement in classification accuracy compared to a non-hybrid Bayesian Learning approach when network-only data is used for classification.