Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM

Los Sistemas de Detección de Intrusos (IDS, por sus siglas en inglés) comerciales actuales clasifican el tráfico de red, detectando conexiones normales e intrusiones, mediante la aplicación de métodos basados en firmas; ello conlleva problemas pues solo se detectan intrusiones previamente conocidas...

Full description

Autores:
De-La-Hoz-Franco, Emiro
De la Hoz Correa, Eduardo Miguel
Ortiz, Andrés
Ortega, Julio
Tipo de recurso:
Article of journal
Fecha de publicación:
2012
Institución:
Corporación Universidad de la Costa
Repositorio:
REDICUC - Repositorio CUC
Idioma:
spa
OAI Identifier:
oai:repositorio.cuc.edu.co:11323/2659
Acceso en línea:
https://hdl.handle.net/11323/2659
https://repositorio.cuc.edu.co/
Palabra clave:
IDS (Sistema de Detección de Intrusos)
FDR (Razón Discriminante de Fisher)
SOM (Mapas Auto-organizativos)
Dataset NSL-KDD DARPA
IDS (Intrusion Detection System)
FDR (Fisher Discriminant Ratio)
SOM (Self-Organizing Map)
Dataset NSL-KDD DARPA
Rights
openAccess
License
http://purl.org/coar/access_right/c_abf2
id RCUC2_81ed7e95db1cd3a52bcadc2bce32fd0e
oai_identifier_str oai:repositorio.cuc.edu.co:11323/2659
network_acronym_str RCUC2
network_name_str REDICUC - Repositorio CUC
repository_id_str
dc.title.spa.fl_str_mv Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM
dc.title.translated.eng.fl_str_mv Intrusion detection model in network systems, making feature selection with fdr and classification-training stages with s
title Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM
spellingShingle Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM
IDS (Sistema de Detección de Intrusos)
FDR (Razón Discriminante de Fisher)
SOM (Mapas Auto-organizativos)
Dataset NSL-KDD DARPA
IDS (Intrusion Detection System)
FDR (Fisher Discriminant Ratio)
SOM (Self-Organizing Map)
Dataset NSL-KDD DARPA
title_short Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM
title_full Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM
title_fullStr Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM
title_full_unstemmed Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM
title_sort Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM
dc.creator.fl_str_mv De-La-Hoz-Franco, Emiro
De la Hoz Correa, Eduardo Miguel
Ortiz, Andrés
Ortega, Julio
dc.contributor.author.spa.fl_str_mv De-La-Hoz-Franco, Emiro
De la Hoz Correa, Eduardo Miguel
Ortiz, Andrés
Ortega, Julio
dc.subject.spa.fl_str_mv IDS (Sistema de Detección de Intrusos)
FDR (Razón Discriminante de Fisher)
SOM (Mapas Auto-organizativos)
Dataset NSL-KDD DARPA
topic IDS (Sistema de Detección de Intrusos)
FDR (Razón Discriminante de Fisher)
SOM (Mapas Auto-organizativos)
Dataset NSL-KDD DARPA
IDS (Intrusion Detection System)
FDR (Fisher Discriminant Ratio)
SOM (Self-Organizing Map)
Dataset NSL-KDD DARPA
dc.subject.eng.fl_str_mv IDS (Intrusion Detection System)
FDR (Fisher Discriminant Ratio)
SOM (Self-Organizing Map)
Dataset NSL-KDD DARPA
description Los Sistemas de Detección de Intrusos (IDS, por sus siglas en inglés) comerciales actuales clasifican el tráfico de red, detectando conexiones normales e intrusiones, mediante la aplicación de métodos basados en firmas; ello conlleva problemas pues solo se detectan intrusiones previamente conocidas y existe desactualización periódica de la base de datos de firmas. En este artículo se evalúa la eficiencia de un modelo de detección de intrusiones de red propuesto, utilizando métricas de sensibilidad y especificidad, mediante un proceso de simulación que emplea el dataset NSL-KDD DARPA, seleccionando de éste las características más relevantes con FDR y entrenando una red neuronal que haga uso de un algoritmo de aprendizaje no supervisado basado en mapas auto-organizativos, con el propósito de clasificar el tráfico de la red en conexiones normales y ataques, de forma automática. La simulación generó métricas de sensibilidad del 99,69% y de especificidad del 56,15% utilizando 20 y 15 características, respectivamente
publishDate 2012
dc.date.issued.none.fl_str_mv 2012-10-31
dc.date.accessioned.none.fl_str_mv 2019-02-21T00:18:59Z
dc.date.available.none.fl_str_mv 2019-02-21T00:18:59Z
dc.type.spa.fl_str_mv Artículo de revista
dc.type.coar.fl_str_mv http://purl.org/coar/resource_type/c_2df8fbb1
dc.type.coar.spa.fl_str_mv http://purl.org/coar/resource_type/c_6501
dc.type.content.spa.fl_str_mv Text
dc.type.driver.spa.fl_str_mv info:eu-repo/semantics/article
dc.type.redcol.spa.fl_str_mv http://purl.org/redcol/resource_type/ART
dc.type.version.spa.fl_str_mv info:eu-repo/semantics/acceptedVersion
format http://purl.org/coar/resource_type/c_6501
status_str acceptedVersion
dc.identifier.citation.spa.fl_str_mv De la Hoz Franco, E., De la Hoz Correa, E. M., Ortiz, A., & Ortega, J. (2012). Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM. INGE CUC, 8(1), 85-116. Recuperado a partir de https://revistascientificas.cuc.edu.co/ingecuc/article/view/225
dc.identifier.issn.spa.fl_str_mv 0122-6517, 2382-4700 electrónico
dc.identifier.uri.spa.fl_str_mv https://hdl.handle.net/11323/2659
dc.identifier.eissn.spa.fl_str_mv 2382-4700
dc.identifier.instname.spa.fl_str_mv Corporación Universidad de la Costa
dc.identifier.pissn.spa.fl_str_mv 0122-6517
dc.identifier.reponame.spa.fl_str_mv REDICUC - Repositorio CUC
dc.identifier.repourl.spa.fl_str_mv https://repositorio.cuc.edu.co/
identifier_str_mv De la Hoz Franco, E., De la Hoz Correa, E. M., Ortiz, A., & Ortega, J. (2012). Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM. INGE CUC, 8(1), 85-116. Recuperado a partir de https://revistascientificas.cuc.edu.co/ingecuc/article/view/225
0122-6517, 2382-4700 electrónico
2382-4700
Corporación Universidad de la Costa
0122-6517
REDICUC - Repositorio CUC
url https://hdl.handle.net/11323/2659
https://repositorio.cuc.edu.co/
dc.language.iso.none.fl_str_mv spa
language spa
dc.relation.ispartofseries.spa.fl_str_mv INGE CUC; Vol. 8, Núm. 1 (2012)
dc.relation.ispartofjournal.spa.fl_str_mv INGE CUC
INGE CUC
dc.relation.references.spa.fl_str_mv [1] SourceFire - Snort. Disponible en: http://www.snort.org/
[2] CheckPoint® Software Technologies Ltd. NFR (Network Flight Recorder). Disponible en: http://www.checkpoint.com/corporate/nfr/index.html
[3] L. T. Heberlein. Network Security Monitor, Final Report. Lawrence Livermore National Laboratory (LLNL) and the University of California, Davis (UCD). February 1995. Disponible en: http://seclab.cs.ucdavis.edu/papers/NSM-final.pdf
[4] CISCO System. Cisco Intrusion Detection (NetRanger). Disponible en: http://www.cisco.com/warp/public/cc/pd/sqsw/sqidsz/index.shtml
[5] IBM. RealSecure Network Sensor. Disponible en: http://www-947.ibm.com/support/entry/portal/Overview/Software/Tivoli/ RealSecure_Network_Sensor
[6] M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani. “A Detailed Analysis of the KDD CUP 99 Data Set”, IEEE Symposium on Computational Intelligence for Security and Defense Applications, 2009. CISDA 2009, pp. 1-6, july 2009.
[7] M. Shyu, S. Chen, K. Sarinnapakorn, and L. Chang. “A novel anomaly detection scheme based on principal component classifier,” Proceedings of the IEEE Foundations and New Directions of Data Mining Workshop, in conjunction with the Third IEEE International Conference on Data Mining (ICDM03), pp. 172-179, 2003.
[8] USC Information Sciences Intitute. “Common Intrusion Detection Framework”, Disponible en: http://gost.isi.edu/cidf/
[9] CIDF Working Group (Clifford Kahn, Don Bolinger and Dan Schnackenberg). DRAFT Specification. Communication in the Common Intrusion Detection Framework v 0.7. 8 June 1998. Disponible en: http://gost.isi.edu/cidf/drafts/communication.txt
[10] Rich Feiertag, Cliff Kahn, Phil Porras, Dan Schnackenberg et al. A Common Intrusion Specification Language (CISL). 11 June 1999. Disponible en: http://gost.isi.edu/cidf/drafts/language.txt
[11] Australian Computer Emergency Response Team. Disponible en: http://www.auscert.org.au/
[12] Internet Engineering Task Force. Disponible en: http://datatracker.ietf.org/wg/idwg/
[13] Common Vulnerabilities and Exposures -CVE. Disponible en: http://cve.mitre.org/about/index.html
[14] Prelude Technologies. Disponible en: http://www.prelude-technologies.com/
[15] National Institute of Standards and Technology- National Computer Security Center. National Computer Security Conference. DIANE Publishing Company. October 1992. p. 272.
[16] SRI - International a real-time Intrusion- Detection Expert System (IDES). Disponible en: http://www.csl.sri.com/ papers/9sri/9sri.pdf
[17] S. Noel, D. Wijesekera, and C. Youman. “Modern Intrusion Detection, Data Mining, and Degrees of Attack Guilt”. In Applications of Data Mining in Computer Security, D. Barbarà and S. Jajodia (eds.), Kluwer Academic Publisher, 2002.
[18] A. Lazarevic, J. Srivastava, and V. A. Kumar, “Survey of Intrusion Detection techniques”. Managing Cyber Threats: Issues, Approaches and Challenges, to be published by Kluwer in spring 2004.
[19] Working Group 2 of the Joint Committee for Guides in Metrology (JCGM/WG 2). International vocabulary of metrology - Basic and general concepts and associated terms (VIM). 3rd edition. 2008. Disponible en: http://www.bipm.org/utils/common/documents/jcgm/JCGM_200_2008.pdf
[20] Lincoln Laboratory of Massachusetts Institute Tecnology - MIT. Disponible en: http://www.ll.mit.edu/mission/communications/ist/corpora/ideval/data/index.html
[21] KDD Cup 1999. Disponible en: http:// kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
[22] The NSL-KDD Data Set. Disponible en: http://nsl.cs.unb.ca/NSL-KDD/
[23] The University of Waikato. Disponible en: http://www.cs.waikato.ac.nz/~ml/weka/index.html
[24] D. Graupe, Principles of Artificial Neural Networks, World Scientific Publishing Co. Pte. Ltd., Singapore. pp. 191-222, 1997.
[25] S. Balakrishnama and A. Ganapathiraju, Linear Discriminant Analysis - A Brief Tutorial, Institute for Signal and Information Processing, Department of Electrical and Computer Engineering, Mississippi State University. 1998.
[26] R. Fisher. “The Use of Multiple Measurements in Taxonomic Problems” In: Annals of Eugenics, 7, p. 179-188. 1936.
[27] McLachlan. “Discriminant Analysis and Statistical Pattern Recognition” In: Wiley Interscience. 2004.
[28] Martinez & Kak. “PCA versus LDA” In: IEEE Transactions on Pattern Analysis and Machine Intelligence, 23(2): 228-233. 2004.
[29] V. Venkatachalam and S. Selvan. “Performance comparison of intrusion detection system classifiers using various feature reduction techniques”. International journal of simulation, 2008 - Citeseer.
[30] A. Hyvärinen and E. Oja, “Independent Component Analysis: Algorithms and Applications”, Neural Networks, Volume 13, Issue 4-5 pp. 411-430. 2000.
[31] I. T. Jolliffe, Principal Component Analysis, Springer Verlag, New York, NY, third edition. 2002.
[32] K. Pearson, “On Lines and Planes of Closest Fit to Systems of Points in Space” (PDF). Philosophical Magazine 2 (6): 559-572. 1901.
[33] T. Kohonen. “Self-organizing Maps”. Springer Series in Information Sciences. Volume 30, 1997. 2nd edition.
[34] Kohonen’s Self Organizing Feature Maps. Disponible en: http://www.ai-junkie.com/ann/som/som1.html
[35] Do Phuc, and Mai Xuan Hung, “Using SOM based Graph Clustering for Extracting Main Ideas from Documents”. Research, Innovation and Vision for the Future, 2008. RIVF 2008. IEEE International Conference on. pp. 209-214. July 2008.
[36] I. Nakaoka, J.-I. Kushida and K. Kamei, “Proposal of Group Decision Support System Using “SOM” for Purchase of Automobiles”. Innovative Computing Information and Control, 2008. ICICIC ‘08. 3rd International Conference on p. 482. June 2008.
[37] M. O. Afolabi and O. Olude, “Predicting Stock Prices Using a Hybrid Kohonen Self Organizing Map (SOM)”. System Sciences, 2007. HICSS 2007. 40th Annual Hawaii International Conference on. p. 48. Jan. 2007.
[38] I. Manolakos and E. Logaras, “High throughput systolic SOM IP core for FPGAs”. Acoustics, Speech and Signal Processing, 2007. ICASSP 2007. IEEE International Conference on. pp. II-61 - II-64. April 2007.
[39] Kuang Yin and Luo Gang, “Fault Pattern Recognition of Thermodynamic System Based on SOM”. Electrical and Control Engineering (ICECE), 2010. International Conference on. pp. 3742-3745. June 2010.
[40] Hao Ying, Wang Li-qiang and Zhao Xi’an. “Automatic Roads Extraction From Highresolution Remote Sensing Images Based on SOM”. Natural Computation (ICNC), 2010 Sixth International Conference on. pp. 1194-1198. Aug. 2010.
[41] H. Tokutaka, K. Yoshihara, K. Fujimura, K. Iwamoto, T. Watanabe and S. Kishida, “Applications of Self-organizing Maps (SOM) to the Composition Determination of Chemical Products”. Neural Networks Proceedings, 1998. IEEE World Congress on Computational Intelligence. The 1998 IEEE International Joint Conference on. pp. 301-305 vol. 1. May 1998.
[42] Li Min and Wang Dongliang, “Anormaly Intrusion Detection Based on SOM”. Information Engineering, 2009. ICIE ‘09. WASE International Conference on. pp. 40-43. July 2009.
[43] J.C. Patra, J. Abraham, P.K. Meher, and G. Chakraborty, “An Improved SOM-based Visualization Technique for DNA Microarray Data Analysis”. Neural Networks (IJCNN), The 2010 International Joint Conference on. pp. 1-7. July 2010.
[44] Y . V. Venkatesh, S.K. Raja, and N. Ramya, “A Novel SOM-based Approach for Active Contour Modeling”. Intelligent Sensors, Sensor Networks and Information Processing Conference, 2004. Proceedings of the 2004. pp. 229-234. Dec. 2004.
[45] E. Cuadros-Vargas, Recuperação de informação por similaridad e utilizando técnicas inteligentes. PhD thesis, Department of Computer Science - University of Sao Paulo. 2004.
[46] J. Blackmore and R. Miikkulainen, “Incremental grid growing: Encoding highdimensional structure into a two-dimensional feature map”. In Proceedings of the International Conference on Neural Networks ICNN93, 1993, volume I, pp. 450- 455, Piscataway, NJ. IEEE Service Center.
[47] D. Alahakoon, S. K. Halgamuge and B. Srinivasan, “A structure adapting feature map for optimal cluster representation”. In International Conference on Neural Information Processing ICONIP98, 1998. pp. 809-812.
[48] B. Fritzke, “A growing neural gas network learns topologies”. In G. Tesauro, D. S. Touretzky and T. K. Leen, editors, Advances in Neural Information Processing Systems 7, 1995, pp. 625-632. MIT Press, Cambridge MA.
[49] T. Martinetz and K. Schulten, “Topology representing networks”. Neural Networks, 1994. 7(3):507-522.
[50] A. Ocsa, C. Bedregal and E. Cuadros-Vargas, “DB-GNG: A constructive self-organizing map based on density”. In Proceedings of the International Joint Conference on Neural Networks (IJCNN07). IEEE, 2007.
[51] Y . Prudent and A. Ennaji, A k nearest classifier design. ELCVIA, 2005. 5(2): 58-71.
[52] R. H. White, “Competitive hebbian learning: algorithm and demonstrations”. Neural Networks, 1992. 5(2): 261-275.
[53] The Growing Hierarchical Self-Organizing Map. Department of Software Technology. Vienna University of Technology. Septiembre 2011. Disponible en: http://www.ifs.tuwien.ac.at/~andi/ghsom/description.html#inse
dc.relation.ispartofjournalabbrev.spa.fl_str_mv INGE CUC
dc.rights.accessrights.spa.fl_str_mv info:eu-repo/semantics/openAccess
dc.rights.coar.spa.fl_str_mv http://purl.org/coar/access_right/c_abf2
eu_rights_str_mv openAccess
rights_invalid_str_mv http://purl.org/coar/access_right/c_abf2
dc.format.mimetype.spa.fl_str_mv application/pdf
dc.publisher.spa.fl_str_mv Corporación Universidad de la Costa
dc.source.spa.fl_str_mv INGE CUC
institution Corporación Universidad de la Costa
dc.source.url.spa.fl_str_mv https://revistascientificas.cuc.edu.co/ingecuc/article/view/225
bitstream.url.fl_str_mv https://repositorio.cuc.edu.co/bitstreams/2aa5ec42-df63-45d9-835f-3c8bd05e81d2/download
https://repositorio.cuc.edu.co/bitstreams/9427ab2c-08af-4acc-9a37-27c7b417a2ae/download
https://repositorio.cuc.edu.co/bitstreams/10aa0b59-e3f4-4434-aeaf-bce73cc5103a/download
https://repositorio.cuc.edu.co/bitstreams/c5c2a336-fa5e-45b2-8de1-baf8a98d89ab/download
bitstream.checksum.fl_str_mv c4ff4921ce806edc0e89a7cfcaf667bd
8a4605be74aa9ea9d79846c1fba20a33
c58d2346d9b1f3a90db0d05b9c5ebe13
8d3f78b08d1c988227c1af0c89167684
bitstream.checksumAlgorithm.fl_str_mv MD5
MD5
MD5
MD5
repository.name.fl_str_mv Repositorio de la Universidad de la Costa CUC
repository.mail.fl_str_mv repdigital@cuc.edu.co
_version_ 1811760746386685952
spelling De-La-Hoz-Franco, EmiroDe la Hoz Correa, Eduardo MiguelOrtiz, AndrésOrtega, Julio2019-02-21T00:18:59Z2019-02-21T00:18:59Z2012-10-31De la Hoz Franco, E., De la Hoz Correa, E. M., Ortiz, A., & Ortega, J. (2012). Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM. INGE CUC, 8(1), 85-116. Recuperado a partir de https://revistascientificas.cuc.edu.co/ingecuc/article/view/2250122-6517, 2382-4700 electrónicohttps://hdl.handle.net/11323/26592382-4700Corporación Universidad de la Costa0122-6517REDICUC - Repositorio CUChttps://repositorio.cuc.edu.co/Los Sistemas de Detección de Intrusos (IDS, por sus siglas en inglés) comerciales actuales clasifican el tráfico de red, detectando conexiones normales e intrusiones, mediante la aplicación de métodos basados en firmas; ello conlleva problemas pues solo se detectan intrusiones previamente conocidas y existe desactualización periódica de la base de datos de firmas. En este artículo se evalúa la eficiencia de un modelo de detección de intrusiones de red propuesto, utilizando métricas de sensibilidad y especificidad, mediante un proceso de simulación que emplea el dataset NSL-KDD DARPA, seleccionando de éste las características más relevantes con FDR y entrenando una red neuronal que haga uso de un algoritmo de aprendizaje no supervisado basado en mapas auto-organizativos, con el propósito de clasificar el tráfico de la red en conexiones normales y ataques, de forma automática. La simulación generó métricas de sensibilidad del 99,69% y de especificidad del 56,15% utilizando 20 y 15 características, respectivamenteCurrent commercial IDSs classify network traffic, detecting both intrusions and normal con-nections by applying signature-based methods. This leads to problems since only intrusion detection previously known is detected and signature database is periodically outdated. This paper evaluates the efficiency of a proposed network intrusion detection model, using sen-sitivity and specificity metrics through a simulation process that uses the dataset NSL-KDD DARPA, selecting from this, the most relevant features with FDR and training a neural net-work that makes use of an unsupervised learning algorithm based on SOMs, in order to au-tomatically classify network’s traffic into normal and attack connections. Metrics generated by simulation were: sensitivity 99.69% and specificity 56.15%, using 20 and 15 features respectivelyDe la Hoz, Emiro-will be generated-orcid-0000-0002-4926-7414-0De la Hoz Correa, Eduardo Miguel-will be generated-orcid-0000-0001-7468-6058-0Ortiz, AndrésOrtega, Julioapplication/pdfspaCorporación Universidad de la CostaINGE CUC; Vol. 8, Núm. 1 (2012)INGE CUCINGE CUC[1] SourceFire - Snort. Disponible en: http://www.snort.org/[2] CheckPoint® Software Technologies Ltd. NFR (Network Flight Recorder). Disponible en: http://www.checkpoint.com/corporate/nfr/index.html[3] L. T. Heberlein. Network Security Monitor, Final Report. Lawrence Livermore National Laboratory (LLNL) and the University of California, Davis (UCD). February 1995. Disponible en: http://seclab.cs.ucdavis.edu/papers/NSM-final.pdf[4] CISCO System. Cisco Intrusion Detection (NetRanger). Disponible en: http://www.cisco.com/warp/public/cc/pd/sqsw/sqidsz/index.shtml[5] IBM. RealSecure Network Sensor. Disponible en: http://www-947.ibm.com/support/entry/portal/Overview/Software/Tivoli/ RealSecure_Network_Sensor[6] M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani. “A Detailed Analysis of the KDD CUP 99 Data Set”, IEEE Symposium on Computational Intelligence for Security and Defense Applications, 2009. CISDA 2009, pp. 1-6, july 2009.[7] M. Shyu, S. Chen, K. Sarinnapakorn, and L. Chang. “A novel anomaly detection scheme based on principal component classifier,” Proceedings of the IEEE Foundations and New Directions of Data Mining Workshop, in conjunction with the Third IEEE International Conference on Data Mining (ICDM03), pp. 172-179, 2003.[8] USC Information Sciences Intitute. “Common Intrusion Detection Framework”, Disponible en: http://gost.isi.edu/cidf/[9] CIDF Working Group (Clifford Kahn, Don Bolinger and Dan Schnackenberg). DRAFT Specification. Communication in the Common Intrusion Detection Framework v 0.7. 8 June 1998. Disponible en: http://gost.isi.edu/cidf/drafts/communication.txt[10] Rich Feiertag, Cliff Kahn, Phil Porras, Dan Schnackenberg et al. A Common Intrusion Specification Language (CISL). 11 June 1999. Disponible en: http://gost.isi.edu/cidf/drafts/language.txt[11] Australian Computer Emergency Response Team. Disponible en: http://www.auscert.org.au/[12] Internet Engineering Task Force. Disponible en: http://datatracker.ietf.org/wg/idwg/[13] Common Vulnerabilities and Exposures -CVE. Disponible en: http://cve.mitre.org/about/index.html[14] Prelude Technologies. Disponible en: http://www.prelude-technologies.com/[15] National Institute of Standards and Technology- National Computer Security Center. National Computer Security Conference. DIANE Publishing Company. October 1992. p. 272.[16] SRI - International a real-time Intrusion- Detection Expert System (IDES). Disponible en: http://www.csl.sri.com/ papers/9sri/9sri.pdf[17] S. Noel, D. Wijesekera, and C. Youman. “Modern Intrusion Detection, Data Mining, and Degrees of Attack Guilt”. In Applications of Data Mining in Computer Security, D. Barbarà and S. Jajodia (eds.), Kluwer Academic Publisher, 2002.[18] A. Lazarevic, J. Srivastava, and V. A. Kumar, “Survey of Intrusion Detection techniques”. Managing Cyber Threats: Issues, Approaches and Challenges, to be published by Kluwer in spring 2004.[19] Working Group 2 of the Joint Committee for Guides in Metrology (JCGM/WG 2). International vocabulary of metrology - Basic and general concepts and associated terms (VIM). 3rd edition. 2008. Disponible en: http://www.bipm.org/utils/common/documents/jcgm/JCGM_200_2008.pdf[20] Lincoln Laboratory of Massachusetts Institute Tecnology - MIT. Disponible en: http://www.ll.mit.edu/mission/communications/ist/corpora/ideval/data/index.html[21] KDD Cup 1999. Disponible en: http:// kdd.ics.uci.edu/databases/kddcup99/kddcup99.html[22] The NSL-KDD Data Set. Disponible en: http://nsl.cs.unb.ca/NSL-KDD/[23] The University of Waikato. Disponible en: http://www.cs.waikato.ac.nz/~ml/weka/index.html[24] D. Graupe, Principles of Artificial Neural Networks, World Scientific Publishing Co. Pte. Ltd., Singapore. pp. 191-222, 1997.[25] S. Balakrishnama and A. Ganapathiraju, Linear Discriminant Analysis - A Brief Tutorial, Institute for Signal and Information Processing, Department of Electrical and Computer Engineering, Mississippi State University. 1998.[26] R. Fisher. “The Use of Multiple Measurements in Taxonomic Problems” In: Annals of Eugenics, 7, p. 179-188. 1936.[27] McLachlan. “Discriminant Analysis and Statistical Pattern Recognition” In: Wiley Interscience. 2004.[28] Martinez & Kak. “PCA versus LDA” In: IEEE Transactions on Pattern Analysis and Machine Intelligence, 23(2): 228-233. 2004.[29] V. Venkatachalam and S. Selvan. “Performance comparison of intrusion detection system classifiers using various feature reduction techniques”. International journal of simulation, 2008 - Citeseer.[30] A. Hyvärinen and E. Oja, “Independent Component Analysis: Algorithms and Applications”, Neural Networks, Volume 13, Issue 4-5 pp. 411-430. 2000.[31] I. T. Jolliffe, Principal Component Analysis, Springer Verlag, New York, NY, third edition. 2002.[32] K. Pearson, “On Lines and Planes of Closest Fit to Systems of Points in Space” (PDF). Philosophical Magazine 2 (6): 559-572. 1901.[33] T. Kohonen. “Self-organizing Maps”. Springer Series in Information Sciences. Volume 30, 1997. 2nd edition.[34] Kohonen’s Self Organizing Feature Maps. Disponible en: http://www.ai-junkie.com/ann/som/som1.html[35] Do Phuc, and Mai Xuan Hung, “Using SOM based Graph Clustering for Extracting Main Ideas from Documents”. Research, Innovation and Vision for the Future, 2008. RIVF 2008. IEEE International Conference on. pp. 209-214. July 2008.[36] I. Nakaoka, J.-I. Kushida and K. Kamei, “Proposal of Group Decision Support System Using “SOM” for Purchase of Automobiles”. Innovative Computing Information and Control, 2008. ICICIC ‘08. 3rd International Conference on p. 482. June 2008.[37] M. O. Afolabi and O. Olude, “Predicting Stock Prices Using a Hybrid Kohonen Self Organizing Map (SOM)”. System Sciences, 2007. HICSS 2007. 40th Annual Hawaii International Conference on. p. 48. Jan. 2007.[38] I. Manolakos and E. Logaras, “High throughput systolic SOM IP core for FPGAs”. Acoustics, Speech and Signal Processing, 2007. ICASSP 2007. IEEE International Conference on. pp. II-61 - II-64. April 2007.[39] Kuang Yin and Luo Gang, “Fault Pattern Recognition of Thermodynamic System Based on SOM”. Electrical and Control Engineering (ICECE), 2010. International Conference on. pp. 3742-3745. June 2010.[40] Hao Ying, Wang Li-qiang and Zhao Xi’an. “Automatic Roads Extraction From Highresolution Remote Sensing Images Based on SOM”. Natural Computation (ICNC), 2010 Sixth International Conference on. pp. 1194-1198. Aug. 2010.[41] H. Tokutaka, K. Yoshihara, K. Fujimura, K. Iwamoto, T. Watanabe and S. Kishida, “Applications of Self-organizing Maps (SOM) to the Composition Determination of Chemical Products”. Neural Networks Proceedings, 1998. IEEE World Congress on Computational Intelligence. The 1998 IEEE International Joint Conference on. pp. 301-305 vol. 1. May 1998.[42] Li Min and Wang Dongliang, “Anormaly Intrusion Detection Based on SOM”. Information Engineering, 2009. ICIE ‘09. WASE International Conference on. pp. 40-43. July 2009.[43] J.C. Patra, J. Abraham, P.K. Meher, and G. Chakraborty, “An Improved SOM-based Visualization Technique for DNA Microarray Data Analysis”. Neural Networks (IJCNN), The 2010 International Joint Conference on. pp. 1-7. July 2010.[44] Y . V. Venkatesh, S.K. Raja, and N. Ramya, “A Novel SOM-based Approach for Active Contour Modeling”. Intelligent Sensors, Sensor Networks and Information Processing Conference, 2004. Proceedings of the 2004. pp. 229-234. Dec. 2004.[45] E. Cuadros-Vargas, Recuperação de informação por similaridad e utilizando técnicas inteligentes. PhD thesis, Department of Computer Science - University of Sao Paulo. 2004.[46] J. Blackmore and R. Miikkulainen, “Incremental grid growing: Encoding highdimensional structure into a two-dimensional feature map”. In Proceedings of the International Conference on Neural Networks ICNN93, 1993, volume I, pp. 450- 455, Piscataway, NJ. IEEE Service Center.[47] D. Alahakoon, S. K. Halgamuge and B. Srinivasan, “A structure adapting feature map for optimal cluster representation”. In International Conference on Neural Information Processing ICONIP98, 1998. pp. 809-812.[48] B. Fritzke, “A growing neural gas network learns topologies”. In G. Tesauro, D. S. Touretzky and T. K. Leen, editors, Advances in Neural Information Processing Systems 7, 1995, pp. 625-632. MIT Press, Cambridge MA.[49] T. Martinetz and K. Schulten, “Topology representing networks”. Neural Networks, 1994. 7(3):507-522.[50] A. Ocsa, C. Bedregal and E. Cuadros-Vargas, “DB-GNG: A constructive self-organizing map based on density”. In Proceedings of the International Joint Conference on Neural Networks (IJCNN07). IEEE, 2007.[51] Y . Prudent and A. Ennaji, A k nearest classifier design. ELCVIA, 2005. 5(2): 58-71.[52] R. H. White, “Competitive hebbian learning: algorithm and demonstrations”. Neural Networks, 1992. 5(2): 261-275.[53] The Growing Hierarchical Self-Organizing Map. Department of Software Technology. Vienna University of Technology. Septiembre 2011. Disponible en: http://www.ifs.tuwien.ac.at/~andi/ghsom/description.html#inseINGE CUCINGE CUChttps://revistascientificas.cuc.edu.co/ingecuc/article/view/225IDS (Sistema de Detección de Intrusos)FDR (Razón Discriminante de Fisher)SOM (Mapas Auto-organizativos)Dataset NSL-KDD DARPAIDS (Intrusion Detection System)FDR (Fisher Discriminant Ratio)SOM (Self-Organizing Map)Dataset NSL-KDD DARPAModelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOMIntrusion detection model in network systems, making feature selection with fdr and classification-training stages with sArtículo de revistahttp://purl.org/coar/resource_type/c_6501http://purl.org/coar/resource_type/c_2df8fbb1Textinfo:eu-repo/semantics/articlehttp://purl.org/redcol/resource_type/ARTinfo:eu-repo/semantics/acceptedVersioninfo:eu-repo/semantics/openAccesshttp://purl.org/coar/access_right/c_abf2PublicationORIGINALModelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM.pdfModelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM.pdfapplication/pdf2124738https://repositorio.cuc.edu.co/bitstreams/2aa5ec42-df63-45d9-835f-3c8bd05e81d2/downloadc4ff4921ce806edc0e89a7cfcaf667bdMD51LICENSElicense.txtlicense.txttext/plain; charset=utf-81748https://repositorio.cuc.edu.co/bitstreams/9427ab2c-08af-4acc-9a37-27c7b417a2ae/download8a4605be74aa9ea9d79846c1fba20a33MD52THUMBNAILModelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM.pdf.jpgModelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM.pdf.jpgimage/jpeg47142https://repositorio.cuc.edu.co/bitstreams/10aa0b59-e3f4-4434-aeaf-bce73cc5103a/downloadc58d2346d9b1f3a90db0d05b9c5ebe13MD54TEXTModelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM.pdf.txtModelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM.pdf.txttext/plain88801https://repositorio.cuc.edu.co/bitstreams/c5c2a336-fa5e-45b2-8de1-baf8a98d89ab/download8d3f78b08d1c988227c1af0c89167684MD5511323/2659oai:repositorio.cuc.edu.co:11323/26592024-09-17 10:56:34.863open.accesshttps://repositorio.cuc.edu.coRepositorio de la Universidad de la Costa CUCrepdigital@cuc.edu.coTk9URTogUExBQ0UgWU9VUiBPV04gTElDRU5TRSBIRVJFClRoaXMgc2FtcGxlIGxpY2Vuc2UgaXMgcHJvdmlkZWQgZm9yIGluZm9ybWF0aW9uYWwgcHVycG9zZXMgb25seS4KCk5PTi1FWENMVVNJVkUgRElTVFJJQlVUSU9OIExJQ0VOU0UKCkJ5IHNpZ25pbmcgYW5kIHN1Ym1pdHRpbmcgdGhpcyBsaWNlbnNlLCB5b3UgKHRoZSBhdXRob3Iocykgb3IgY29weXJpZ2h0Cm93bmVyKSBncmFudHMgdG8gRFNwYWNlIFVuaXZlcnNpdHkgKERTVSkgdGhlIG5vbi1leGNsdXNpdmUgcmlnaHQgdG8gcmVwcm9kdWNlLAp0cmFuc2xhdGUgKGFzIGRlZmluZWQgYmVsb3cpLCBhbmQvb3IgZGlzdHJpYnV0ZSB5b3VyIHN1Ym1pc3Npb24gKGluY2x1ZGluZwp0aGUgYWJzdHJhY3QpIHdvcmxkd2lkZSBpbiBwcmludCBhbmQgZWxlY3Ryb25pYyBmb3JtYXQgYW5kIGluIGFueSBtZWRpdW0sCmluY2x1ZGluZyBidXQgbm90IGxpbWl0ZWQgdG8gYXVkaW8gb3IgdmlkZW8uCgpZb3UgYWdyZWUgdGhhdCBEU1UgbWF5LCB3aXRob3V0IGNoYW5naW5nIHRoZSBjb250ZW50LCB0cmFuc2xhdGUgdGhlCnN1Ym1pc3Npb24gdG8gYW55IG1lZGl1bSBvciBmb3JtYXQgZm9yIHRoZSBwdXJwb3NlIG9mIHByZXNlcnZhdGlvbi4KCllvdSBhbHNvIGFncmVlIHRoYXQgRFNVIG1heSBrZWVwIG1vcmUgdGhhbiBvbmUgY29weSBvZiB0aGlzIHN1Ym1pc3Npb24gZm9yCnB1cnBvc2VzIG9mIHNlY3VyaXR5LCBiYWNrLXVwIGFuZCBwcmVzZXJ2YXRpb24uCgpZb3UgcmVwcmVzZW50IHRoYXQgdGhlIHN1Ym1pc3Npb24gaXMgeW91ciBvcmlnaW5hbCB3b3JrLCBhbmQgdGhhdCB5b3UgaGF2ZQp0aGUgcmlnaHQgdG8gZ3JhbnQgdGhlIHJpZ2h0cyBjb250YWluZWQgaW4gdGhpcyBsaWNlbnNlLiBZb3UgYWxzbyByZXByZXNlbnQKdGhhdCB5b3VyIHN1Ym1pc3Npb24gZG9lcyBub3QsIHRvIHRoZSBiZXN0IG9mIHlvdXIga25vd2xlZGdlLCBpbmZyaW5nZSB1cG9uCmFueW9uZSdzIGNvcHlyaWdodC4KCklmIHRoZSBzdWJtaXNzaW9uIGNvbnRhaW5zIG1hdGVyaWFsIGZvciB3aGljaCB5b3UgZG8gbm90IGhvbGQgY29weXJpZ2h0LAp5b3UgcmVwcmVzZW50IHRoYXQgeW91IGhhdmUgb2J0YWluZWQgdGhlIHVucmVzdHJpY3RlZCBwZXJtaXNzaW9uIG9mIHRoZQpjb3B5cmlnaHQgb3duZXIgdG8gZ3JhbnQgRFNVIHRoZSByaWdodHMgcmVxdWlyZWQgYnkgdGhpcyBsaWNlbnNlLCBhbmQgdGhhdApzdWNoIHRoaXJkLXBhcnR5IG93bmVkIG1hdGVyaWFsIGlzIGNsZWFybHkgaWRlbnRpZmllZCBhbmQgYWNrbm93bGVkZ2VkCndpdGhpbiB0aGUgdGV4dCBvciBjb250ZW50IG9mIHRoZSBzdWJtaXNzaW9uLgoKSUYgVEhFIFNVQk1JU1NJT04gSVMgQkFTRUQgVVBPTiBXT1JLIFRIQVQgSEFTIEJFRU4gU1BPTlNPUkVEIE9SIFNVUFBPUlRFRApCWSBBTiBBR0VOQ1kgT1IgT1JHQU5JWkFUSU9OIE9USEVSIFRIQU4gRFNVLCBZT1UgUkVQUkVTRU5UIFRIQVQgWU9VIEhBVkUKRlVMRklMTEVEIEFOWSBSSUdIVCBPRiBSRVZJRVcgT1IgT1RIRVIgT0JMSUdBVElPTlMgUkVRVUlSRUQgQlkgU1VDSApDT05UUkFDVCBPUiBBR1JFRU1FTlQuCgpEU1Ugd2lsbCBjbGVhcmx5IGlkZW50aWZ5IHlvdXIgbmFtZShzKSBhcyB0aGUgYXV0aG9yKHMpIG9yIG93bmVyKHMpIG9mIHRoZQpzdWJtaXNzaW9uLCBhbmQgd2lsbCBub3QgbWFrZSBhbnkgYWx0ZXJhdGlvbiwgb3RoZXIgdGhhbiBhcyBhbGxvd2VkIGJ5IHRoaXMKbGljZW5zZSwgdG8geW91ciBzdWJtaXNzaW9uLgo=