Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM
Los Sistemas de Detección de Intrusos (IDS, por sus siglas en inglés) comerciales actuales clasifican el tráfico de red, detectando conexiones normales e intrusiones, mediante la aplicación de métodos basados en firmas; ello conlleva problemas pues solo se detectan intrusiones previamente conocidas...
- Autores:
-
De-La-Hoz-Franco, Emiro
De la Hoz Correa, Eduardo Miguel
Ortiz, Andrés
Ortega, Julio
- Tipo de recurso:
- Article of journal
- Fecha de publicación:
- 2012
- Institución:
- Corporación Universidad de la Costa
- Repositorio:
- REDICUC - Repositorio CUC
- Idioma:
- spa
- OAI Identifier:
- oai:repositorio.cuc.edu.co:11323/2659
- Acceso en línea:
- https://hdl.handle.net/11323/2659
https://repositorio.cuc.edu.co/
- Palabra clave:
- IDS (Sistema de Detección de Intrusos)
FDR (Razón Discriminante de Fisher)
SOM (Mapas Auto-organizativos)
Dataset NSL-KDD DARPA
IDS (Intrusion Detection System)
FDR (Fisher Discriminant Ratio)
SOM (Self-Organizing Map)
Dataset NSL-KDD DARPA
- Rights
- openAccess
- License
- http://purl.org/coar/access_right/c_abf2
id |
RCUC2_81ed7e95db1cd3a52bcadc2bce32fd0e |
---|---|
oai_identifier_str |
oai:repositorio.cuc.edu.co:11323/2659 |
network_acronym_str |
RCUC2 |
network_name_str |
REDICUC - Repositorio CUC |
repository_id_str |
|
dc.title.spa.fl_str_mv |
Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM |
dc.title.translated.eng.fl_str_mv |
Intrusion detection model in network systems, making feature selection with fdr and classification-training stages with s |
title |
Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM |
spellingShingle |
Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM IDS (Sistema de Detección de Intrusos) FDR (Razón Discriminante de Fisher) SOM (Mapas Auto-organizativos) Dataset NSL-KDD DARPA IDS (Intrusion Detection System) FDR (Fisher Discriminant Ratio) SOM (Self-Organizing Map) Dataset NSL-KDD DARPA |
title_short |
Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM |
title_full |
Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM |
title_fullStr |
Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM |
title_full_unstemmed |
Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM |
title_sort |
Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM |
dc.creator.fl_str_mv |
De-La-Hoz-Franco, Emiro De la Hoz Correa, Eduardo Miguel Ortiz, Andrés Ortega, Julio |
dc.contributor.author.spa.fl_str_mv |
De-La-Hoz-Franco, Emiro De la Hoz Correa, Eduardo Miguel Ortiz, Andrés Ortega, Julio |
dc.subject.spa.fl_str_mv |
IDS (Sistema de Detección de Intrusos) FDR (Razón Discriminante de Fisher) SOM (Mapas Auto-organizativos) Dataset NSL-KDD DARPA |
topic |
IDS (Sistema de Detección de Intrusos) FDR (Razón Discriminante de Fisher) SOM (Mapas Auto-organizativos) Dataset NSL-KDD DARPA IDS (Intrusion Detection System) FDR (Fisher Discriminant Ratio) SOM (Self-Organizing Map) Dataset NSL-KDD DARPA |
dc.subject.eng.fl_str_mv |
IDS (Intrusion Detection System) FDR (Fisher Discriminant Ratio) SOM (Self-Organizing Map) Dataset NSL-KDD DARPA |
description |
Los Sistemas de Detección de Intrusos (IDS, por sus siglas en inglés) comerciales actuales clasifican el tráfico de red, detectando conexiones normales e intrusiones, mediante la aplicación de métodos basados en firmas; ello conlleva problemas pues solo se detectan intrusiones previamente conocidas y existe desactualización periódica de la base de datos de firmas. En este artículo se evalúa la eficiencia de un modelo de detección de intrusiones de red propuesto, utilizando métricas de sensibilidad y especificidad, mediante un proceso de simulación que emplea el dataset NSL-KDD DARPA, seleccionando de éste las características más relevantes con FDR y entrenando una red neuronal que haga uso de un algoritmo de aprendizaje no supervisado basado en mapas auto-organizativos, con el propósito de clasificar el tráfico de la red en conexiones normales y ataques, de forma automática. La simulación generó métricas de sensibilidad del 99,69% y de especificidad del 56,15% utilizando 20 y 15 características, respectivamente |
publishDate |
2012 |
dc.date.issued.none.fl_str_mv |
2012-10-31 |
dc.date.accessioned.none.fl_str_mv |
2019-02-21T00:18:59Z |
dc.date.available.none.fl_str_mv |
2019-02-21T00:18:59Z |
dc.type.spa.fl_str_mv |
Artículo de revista |
dc.type.coar.fl_str_mv |
http://purl.org/coar/resource_type/c_2df8fbb1 |
dc.type.coar.spa.fl_str_mv |
http://purl.org/coar/resource_type/c_6501 |
dc.type.content.spa.fl_str_mv |
Text |
dc.type.driver.spa.fl_str_mv |
info:eu-repo/semantics/article |
dc.type.redcol.spa.fl_str_mv |
http://purl.org/redcol/resource_type/ART |
dc.type.version.spa.fl_str_mv |
info:eu-repo/semantics/acceptedVersion |
format |
http://purl.org/coar/resource_type/c_6501 |
status_str |
acceptedVersion |
dc.identifier.citation.spa.fl_str_mv |
De la Hoz Franco, E., De la Hoz Correa, E. M., Ortiz, A., & Ortega, J. (2012). Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM. INGE CUC, 8(1), 85-116. Recuperado a partir de https://revistascientificas.cuc.edu.co/ingecuc/article/view/225 |
dc.identifier.issn.spa.fl_str_mv |
0122-6517, 2382-4700 electrónico |
dc.identifier.uri.spa.fl_str_mv |
https://hdl.handle.net/11323/2659 |
dc.identifier.eissn.spa.fl_str_mv |
2382-4700 |
dc.identifier.instname.spa.fl_str_mv |
Corporación Universidad de la Costa |
dc.identifier.pissn.spa.fl_str_mv |
0122-6517 |
dc.identifier.reponame.spa.fl_str_mv |
REDICUC - Repositorio CUC |
dc.identifier.repourl.spa.fl_str_mv |
https://repositorio.cuc.edu.co/ |
identifier_str_mv |
De la Hoz Franco, E., De la Hoz Correa, E. M., Ortiz, A., & Ortega, J. (2012). Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM. INGE CUC, 8(1), 85-116. Recuperado a partir de https://revistascientificas.cuc.edu.co/ingecuc/article/view/225 0122-6517, 2382-4700 electrónico 2382-4700 Corporación Universidad de la Costa 0122-6517 REDICUC - Repositorio CUC |
url |
https://hdl.handle.net/11323/2659 https://repositorio.cuc.edu.co/ |
dc.language.iso.none.fl_str_mv |
spa |
language |
spa |
dc.relation.ispartofseries.spa.fl_str_mv |
INGE CUC; Vol. 8, Núm. 1 (2012) |
dc.relation.ispartofjournal.spa.fl_str_mv |
INGE CUC INGE CUC |
dc.relation.references.spa.fl_str_mv |
[1] SourceFire - Snort. Disponible en: http://www.snort.org/ [2] CheckPoint® Software Technologies Ltd. NFR (Network Flight Recorder). Disponible en: http://www.checkpoint.com/corporate/nfr/index.html [3] L. T. Heberlein. Network Security Monitor, Final Report. Lawrence Livermore National Laboratory (LLNL) and the University of California, Davis (UCD). February 1995. Disponible en: http://seclab.cs.ucdavis.edu/papers/NSM-final.pdf [4] CISCO System. Cisco Intrusion Detection (NetRanger). Disponible en: http://www.cisco.com/warp/public/cc/pd/sqsw/sqidsz/index.shtml [5] IBM. RealSecure Network Sensor. Disponible en: http://www-947.ibm.com/support/entry/portal/Overview/Software/Tivoli/ RealSecure_Network_Sensor [6] M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani. “A Detailed Analysis of the KDD CUP 99 Data Set”, IEEE Symposium on Computational Intelligence for Security and Defense Applications, 2009. CISDA 2009, pp. 1-6, july 2009. [7] M. Shyu, S. Chen, K. Sarinnapakorn, and L. Chang. “A novel anomaly detection scheme based on principal component classifier,” Proceedings of the IEEE Foundations and New Directions of Data Mining Workshop, in conjunction with the Third IEEE International Conference on Data Mining (ICDM03), pp. 172-179, 2003. [8] USC Information Sciences Intitute. “Common Intrusion Detection Framework”, Disponible en: http://gost.isi.edu/cidf/ [9] CIDF Working Group (Clifford Kahn, Don Bolinger and Dan Schnackenberg). DRAFT Specification. Communication in the Common Intrusion Detection Framework v 0.7. 8 June 1998. Disponible en: http://gost.isi.edu/cidf/drafts/communication.txt [10] Rich Feiertag, Cliff Kahn, Phil Porras, Dan Schnackenberg et al. A Common Intrusion Specification Language (CISL). 11 June 1999. Disponible en: http://gost.isi.edu/cidf/drafts/language.txt [11] Australian Computer Emergency Response Team. Disponible en: http://www.auscert.org.au/ [12] Internet Engineering Task Force. Disponible en: http://datatracker.ietf.org/wg/idwg/ [13] Common Vulnerabilities and Exposures -CVE. Disponible en: http://cve.mitre.org/about/index.html [14] Prelude Technologies. Disponible en: http://www.prelude-technologies.com/ [15] National Institute of Standards and Technology- National Computer Security Center. National Computer Security Conference. DIANE Publishing Company. October 1992. p. 272. [16] SRI - International a real-time Intrusion- Detection Expert System (IDES). Disponible en: http://www.csl.sri.com/ papers/9sri/9sri.pdf [17] S. Noel, D. Wijesekera, and C. Youman. “Modern Intrusion Detection, Data Mining, and Degrees of Attack Guilt”. In Applications of Data Mining in Computer Security, D. Barbarà and S. Jajodia (eds.), Kluwer Academic Publisher, 2002. [18] A. Lazarevic, J. Srivastava, and V. A. Kumar, “Survey of Intrusion Detection techniques”. Managing Cyber Threats: Issues, Approaches and Challenges, to be published by Kluwer in spring 2004. [19] Working Group 2 of the Joint Committee for Guides in Metrology (JCGM/WG 2). International vocabulary of metrology - Basic and general concepts and associated terms (VIM). 3rd edition. 2008. Disponible en: http://www.bipm.org/utils/common/documents/jcgm/JCGM_200_2008.pdf [20] Lincoln Laboratory of Massachusetts Institute Tecnology - MIT. Disponible en: http://www.ll.mit.edu/mission/communications/ist/corpora/ideval/data/index.html [21] KDD Cup 1999. Disponible en: http:// kdd.ics.uci.edu/databases/kddcup99/kddcup99.html [22] The NSL-KDD Data Set. Disponible en: http://nsl.cs.unb.ca/NSL-KDD/ [23] The University of Waikato. Disponible en: http://www.cs.waikato.ac.nz/~ml/weka/index.html [24] D. Graupe, Principles of Artificial Neural Networks, World Scientific Publishing Co. Pte. Ltd., Singapore. pp. 191-222, 1997. [25] S. Balakrishnama and A. Ganapathiraju, Linear Discriminant Analysis - A Brief Tutorial, Institute for Signal and Information Processing, Department of Electrical and Computer Engineering, Mississippi State University. 1998. [26] R. Fisher. “The Use of Multiple Measurements in Taxonomic Problems” In: Annals of Eugenics, 7, p. 179-188. 1936. [27] McLachlan. “Discriminant Analysis and Statistical Pattern Recognition” In: Wiley Interscience. 2004. [28] Martinez & Kak. “PCA versus LDA” In: IEEE Transactions on Pattern Analysis and Machine Intelligence, 23(2): 228-233. 2004. [29] V. Venkatachalam and S. Selvan. “Performance comparison of intrusion detection system classifiers using various feature reduction techniques”. International journal of simulation, 2008 - Citeseer. [30] A. Hyvärinen and E. Oja, “Independent Component Analysis: Algorithms and Applications”, Neural Networks, Volume 13, Issue 4-5 pp. 411-430. 2000. [31] I. T. Jolliffe, Principal Component Analysis, Springer Verlag, New York, NY, third edition. 2002. [32] K. Pearson, “On Lines and Planes of Closest Fit to Systems of Points in Space” (PDF). Philosophical Magazine 2 (6): 559-572. 1901. [33] T. Kohonen. “Self-organizing Maps”. Springer Series in Information Sciences. Volume 30, 1997. 2nd edition. [34] Kohonen’s Self Organizing Feature Maps. Disponible en: http://www.ai-junkie.com/ann/som/som1.html [35] Do Phuc, and Mai Xuan Hung, “Using SOM based Graph Clustering for Extracting Main Ideas from Documents”. Research, Innovation and Vision for the Future, 2008. RIVF 2008. IEEE International Conference on. pp. 209-214. July 2008. [36] I. Nakaoka, J.-I. Kushida and K. Kamei, “Proposal of Group Decision Support System Using “SOM” for Purchase of Automobiles”. Innovative Computing Information and Control, 2008. ICICIC ‘08. 3rd International Conference on p. 482. June 2008. [37] M. O. Afolabi and O. Olude, “Predicting Stock Prices Using a Hybrid Kohonen Self Organizing Map (SOM)”. System Sciences, 2007. HICSS 2007. 40th Annual Hawaii International Conference on. p. 48. Jan. 2007. [38] I. Manolakos and E. Logaras, “High throughput systolic SOM IP core for FPGAs”. Acoustics, Speech and Signal Processing, 2007. ICASSP 2007. IEEE International Conference on. pp. II-61 - II-64. April 2007. [39] Kuang Yin and Luo Gang, “Fault Pattern Recognition of Thermodynamic System Based on SOM”. Electrical and Control Engineering (ICECE), 2010. International Conference on. pp. 3742-3745. June 2010. [40] Hao Ying, Wang Li-qiang and Zhao Xi’an. “Automatic Roads Extraction From Highresolution Remote Sensing Images Based on SOM”. Natural Computation (ICNC), 2010 Sixth International Conference on. pp. 1194-1198. Aug. 2010. [41] H. Tokutaka, K. Yoshihara, K. Fujimura, K. Iwamoto, T. Watanabe and S. Kishida, “Applications of Self-organizing Maps (SOM) to the Composition Determination of Chemical Products”. Neural Networks Proceedings, 1998. IEEE World Congress on Computational Intelligence. The 1998 IEEE International Joint Conference on. pp. 301-305 vol. 1. May 1998. [42] Li Min and Wang Dongliang, “Anormaly Intrusion Detection Based on SOM”. Information Engineering, 2009. ICIE ‘09. WASE International Conference on. pp. 40-43. July 2009. [43] J.C. Patra, J. Abraham, P.K. Meher, and G. Chakraborty, “An Improved SOM-based Visualization Technique for DNA Microarray Data Analysis”. Neural Networks (IJCNN), The 2010 International Joint Conference on. pp. 1-7. July 2010. [44] Y . V. Venkatesh, S.K. Raja, and N. Ramya, “A Novel SOM-based Approach for Active Contour Modeling”. Intelligent Sensors, Sensor Networks and Information Processing Conference, 2004. Proceedings of the 2004. pp. 229-234. Dec. 2004. [45] E. Cuadros-Vargas, Recuperação de informação por similaridad e utilizando técnicas inteligentes. PhD thesis, Department of Computer Science - University of Sao Paulo. 2004. [46] J. Blackmore and R. Miikkulainen, “Incremental grid growing: Encoding highdimensional structure into a two-dimensional feature map”. In Proceedings of the International Conference on Neural Networks ICNN93, 1993, volume I, pp. 450- 455, Piscataway, NJ. IEEE Service Center. [47] D. Alahakoon, S. K. Halgamuge and B. Srinivasan, “A structure adapting feature map for optimal cluster representation”. In International Conference on Neural Information Processing ICONIP98, 1998. pp. 809-812. [48] B. Fritzke, “A growing neural gas network learns topologies”. In G. Tesauro, D. S. Touretzky and T. K. Leen, editors, Advances in Neural Information Processing Systems 7, 1995, pp. 625-632. MIT Press, Cambridge MA. [49] T. Martinetz and K. Schulten, “Topology representing networks”. Neural Networks, 1994. 7(3):507-522. [50] A. Ocsa, C. Bedregal and E. Cuadros-Vargas, “DB-GNG: A constructive self-organizing map based on density”. In Proceedings of the International Joint Conference on Neural Networks (IJCNN07). IEEE, 2007. [51] Y . Prudent and A. Ennaji, A k nearest classifier design. ELCVIA, 2005. 5(2): 58-71. [52] R. H. White, “Competitive hebbian learning: algorithm and demonstrations”. Neural Networks, 1992. 5(2): 261-275. [53] The Growing Hierarchical Self-Organizing Map. Department of Software Technology. Vienna University of Technology. Septiembre 2011. Disponible en: http://www.ifs.tuwien.ac.at/~andi/ghsom/description.html#inse |
dc.relation.ispartofjournalabbrev.spa.fl_str_mv |
INGE CUC |
dc.rights.accessrights.spa.fl_str_mv |
info:eu-repo/semantics/openAccess |
dc.rights.coar.spa.fl_str_mv |
http://purl.org/coar/access_right/c_abf2 |
eu_rights_str_mv |
openAccess |
rights_invalid_str_mv |
http://purl.org/coar/access_right/c_abf2 |
dc.format.mimetype.spa.fl_str_mv |
application/pdf |
dc.publisher.spa.fl_str_mv |
Corporación Universidad de la Costa |
dc.source.spa.fl_str_mv |
INGE CUC |
institution |
Corporación Universidad de la Costa |
dc.source.url.spa.fl_str_mv |
https://revistascientificas.cuc.edu.co/ingecuc/article/view/225 |
bitstream.url.fl_str_mv |
https://repositorio.cuc.edu.co/bitstreams/2aa5ec42-df63-45d9-835f-3c8bd05e81d2/download https://repositorio.cuc.edu.co/bitstreams/9427ab2c-08af-4acc-9a37-27c7b417a2ae/download https://repositorio.cuc.edu.co/bitstreams/10aa0b59-e3f4-4434-aeaf-bce73cc5103a/download https://repositorio.cuc.edu.co/bitstreams/c5c2a336-fa5e-45b2-8de1-baf8a98d89ab/download |
bitstream.checksum.fl_str_mv |
c4ff4921ce806edc0e89a7cfcaf667bd 8a4605be74aa9ea9d79846c1fba20a33 c58d2346d9b1f3a90db0d05b9c5ebe13 8d3f78b08d1c988227c1af0c89167684 |
bitstream.checksumAlgorithm.fl_str_mv |
MD5 MD5 MD5 MD5 |
repository.name.fl_str_mv |
Repositorio de la Universidad de la Costa CUC |
repository.mail.fl_str_mv |
repdigital@cuc.edu.co |
_version_ |
1811760746386685952 |
spelling |
De-La-Hoz-Franco, EmiroDe la Hoz Correa, Eduardo MiguelOrtiz, AndrésOrtega, Julio2019-02-21T00:18:59Z2019-02-21T00:18:59Z2012-10-31De la Hoz Franco, E., De la Hoz Correa, E. M., Ortiz, A., & Ortega, J. (2012). Modelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM. INGE CUC, 8(1), 85-116. Recuperado a partir de https://revistascientificas.cuc.edu.co/ingecuc/article/view/2250122-6517, 2382-4700 electrónicohttps://hdl.handle.net/11323/26592382-4700Corporación Universidad de la Costa0122-6517REDICUC - Repositorio CUChttps://repositorio.cuc.edu.co/Los Sistemas de Detección de Intrusos (IDS, por sus siglas en inglés) comerciales actuales clasifican el tráfico de red, detectando conexiones normales e intrusiones, mediante la aplicación de métodos basados en firmas; ello conlleva problemas pues solo se detectan intrusiones previamente conocidas y existe desactualización periódica de la base de datos de firmas. En este artículo se evalúa la eficiencia de un modelo de detección de intrusiones de red propuesto, utilizando métricas de sensibilidad y especificidad, mediante un proceso de simulación que emplea el dataset NSL-KDD DARPA, seleccionando de éste las características más relevantes con FDR y entrenando una red neuronal que haga uso de un algoritmo de aprendizaje no supervisado basado en mapas auto-organizativos, con el propósito de clasificar el tráfico de la red en conexiones normales y ataques, de forma automática. La simulación generó métricas de sensibilidad del 99,69% y de especificidad del 56,15% utilizando 20 y 15 características, respectivamenteCurrent commercial IDSs classify network traffic, detecting both intrusions and normal con-nections by applying signature-based methods. This leads to problems since only intrusion detection previously known is detected and signature database is periodically outdated. This paper evaluates the efficiency of a proposed network intrusion detection model, using sen-sitivity and specificity metrics through a simulation process that uses the dataset NSL-KDD DARPA, selecting from this, the most relevant features with FDR and training a neural net-work that makes use of an unsupervised learning algorithm based on SOMs, in order to au-tomatically classify network’s traffic into normal and attack connections. Metrics generated by simulation were: sensitivity 99.69% and specificity 56.15%, using 20 and 15 features respectivelyDe la Hoz, Emiro-will be generated-orcid-0000-0002-4926-7414-0De la Hoz Correa, Eduardo Miguel-will be generated-orcid-0000-0001-7468-6058-0Ortiz, AndrésOrtega, Julioapplication/pdfspaCorporación Universidad de la CostaINGE CUC; Vol. 8, Núm. 1 (2012)INGE CUCINGE CUC[1] SourceFire - Snort. Disponible en: http://www.snort.org/[2] CheckPoint® Software Technologies Ltd. NFR (Network Flight Recorder). Disponible en: http://www.checkpoint.com/corporate/nfr/index.html[3] L. T. Heberlein. Network Security Monitor, Final Report. Lawrence Livermore National Laboratory (LLNL) and the University of California, Davis (UCD). February 1995. Disponible en: http://seclab.cs.ucdavis.edu/papers/NSM-final.pdf[4] CISCO System. Cisco Intrusion Detection (NetRanger). Disponible en: http://www.cisco.com/warp/public/cc/pd/sqsw/sqidsz/index.shtml[5] IBM. RealSecure Network Sensor. Disponible en: http://www-947.ibm.com/support/entry/portal/Overview/Software/Tivoli/ RealSecure_Network_Sensor[6] M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani. “A Detailed Analysis of the KDD CUP 99 Data Set”, IEEE Symposium on Computational Intelligence for Security and Defense Applications, 2009. CISDA 2009, pp. 1-6, july 2009.[7] M. Shyu, S. Chen, K. Sarinnapakorn, and L. Chang. “A novel anomaly detection scheme based on principal component classifier,” Proceedings of the IEEE Foundations and New Directions of Data Mining Workshop, in conjunction with the Third IEEE International Conference on Data Mining (ICDM03), pp. 172-179, 2003.[8] USC Information Sciences Intitute. “Common Intrusion Detection Framework”, Disponible en: http://gost.isi.edu/cidf/[9] CIDF Working Group (Clifford Kahn, Don Bolinger and Dan Schnackenberg). DRAFT Specification. Communication in the Common Intrusion Detection Framework v 0.7. 8 June 1998. Disponible en: http://gost.isi.edu/cidf/drafts/communication.txt[10] Rich Feiertag, Cliff Kahn, Phil Porras, Dan Schnackenberg et al. A Common Intrusion Specification Language (CISL). 11 June 1999. Disponible en: http://gost.isi.edu/cidf/drafts/language.txt[11] Australian Computer Emergency Response Team. Disponible en: http://www.auscert.org.au/[12] Internet Engineering Task Force. Disponible en: http://datatracker.ietf.org/wg/idwg/[13] Common Vulnerabilities and Exposures -CVE. Disponible en: http://cve.mitre.org/about/index.html[14] Prelude Technologies. Disponible en: http://www.prelude-technologies.com/[15] National Institute of Standards and Technology- National Computer Security Center. National Computer Security Conference. DIANE Publishing Company. October 1992. p. 272.[16] SRI - International a real-time Intrusion- Detection Expert System (IDES). Disponible en: http://www.csl.sri.com/ papers/9sri/9sri.pdf[17] S. Noel, D. Wijesekera, and C. Youman. “Modern Intrusion Detection, Data Mining, and Degrees of Attack Guilt”. In Applications of Data Mining in Computer Security, D. Barbarà and S. Jajodia (eds.), Kluwer Academic Publisher, 2002.[18] A. Lazarevic, J. Srivastava, and V. A. Kumar, “Survey of Intrusion Detection techniques”. Managing Cyber Threats: Issues, Approaches and Challenges, to be published by Kluwer in spring 2004.[19] Working Group 2 of the Joint Committee for Guides in Metrology (JCGM/WG 2). International vocabulary of metrology - Basic and general concepts and associated terms (VIM). 3rd edition. 2008. Disponible en: http://www.bipm.org/utils/common/documents/jcgm/JCGM_200_2008.pdf[20] Lincoln Laboratory of Massachusetts Institute Tecnology - MIT. Disponible en: http://www.ll.mit.edu/mission/communications/ist/corpora/ideval/data/index.html[21] KDD Cup 1999. Disponible en: http:// kdd.ics.uci.edu/databases/kddcup99/kddcup99.html[22] The NSL-KDD Data Set. Disponible en: http://nsl.cs.unb.ca/NSL-KDD/[23] The University of Waikato. Disponible en: http://www.cs.waikato.ac.nz/~ml/weka/index.html[24] D. Graupe, Principles of Artificial Neural Networks, World Scientific Publishing Co. Pte. Ltd., Singapore. pp. 191-222, 1997.[25] S. Balakrishnama and A. Ganapathiraju, Linear Discriminant Analysis - A Brief Tutorial, Institute for Signal and Information Processing, Department of Electrical and Computer Engineering, Mississippi State University. 1998.[26] R. Fisher. “The Use of Multiple Measurements in Taxonomic Problems” In: Annals of Eugenics, 7, p. 179-188. 1936.[27] McLachlan. “Discriminant Analysis and Statistical Pattern Recognition” In: Wiley Interscience. 2004.[28] Martinez & Kak. “PCA versus LDA” In: IEEE Transactions on Pattern Analysis and Machine Intelligence, 23(2): 228-233. 2004.[29] V. Venkatachalam and S. Selvan. “Performance comparison of intrusion detection system classifiers using various feature reduction techniques”. International journal of simulation, 2008 - Citeseer.[30] A. Hyvärinen and E. Oja, “Independent Component Analysis: Algorithms and Applications”, Neural Networks, Volume 13, Issue 4-5 pp. 411-430. 2000.[31] I. T. Jolliffe, Principal Component Analysis, Springer Verlag, New York, NY, third edition. 2002.[32] K. Pearson, “On Lines and Planes of Closest Fit to Systems of Points in Space” (PDF). Philosophical Magazine 2 (6): 559-572. 1901.[33] T. Kohonen. “Self-organizing Maps”. Springer Series in Information Sciences. Volume 30, 1997. 2nd edition.[34] Kohonen’s Self Organizing Feature Maps. Disponible en: http://www.ai-junkie.com/ann/som/som1.html[35] Do Phuc, and Mai Xuan Hung, “Using SOM based Graph Clustering for Extracting Main Ideas from Documents”. Research, Innovation and Vision for the Future, 2008. RIVF 2008. IEEE International Conference on. pp. 209-214. July 2008.[36] I. Nakaoka, J.-I. Kushida and K. Kamei, “Proposal of Group Decision Support System Using “SOM” for Purchase of Automobiles”. Innovative Computing Information and Control, 2008. ICICIC ‘08. 3rd International Conference on p. 482. June 2008.[37] M. O. Afolabi and O. Olude, “Predicting Stock Prices Using a Hybrid Kohonen Self Organizing Map (SOM)”. System Sciences, 2007. HICSS 2007. 40th Annual Hawaii International Conference on. p. 48. Jan. 2007.[38] I. Manolakos and E. Logaras, “High throughput systolic SOM IP core for FPGAs”. Acoustics, Speech and Signal Processing, 2007. ICASSP 2007. IEEE International Conference on. pp. II-61 - II-64. April 2007.[39] Kuang Yin and Luo Gang, “Fault Pattern Recognition of Thermodynamic System Based on SOM”. Electrical and Control Engineering (ICECE), 2010. International Conference on. pp. 3742-3745. June 2010.[40] Hao Ying, Wang Li-qiang and Zhao Xi’an. “Automatic Roads Extraction From Highresolution Remote Sensing Images Based on SOM”. Natural Computation (ICNC), 2010 Sixth International Conference on. pp. 1194-1198. Aug. 2010.[41] H. Tokutaka, K. Yoshihara, K. Fujimura, K. Iwamoto, T. Watanabe and S. Kishida, “Applications of Self-organizing Maps (SOM) to the Composition Determination of Chemical Products”. Neural Networks Proceedings, 1998. IEEE World Congress on Computational Intelligence. The 1998 IEEE International Joint Conference on. pp. 301-305 vol. 1. May 1998.[42] Li Min and Wang Dongliang, “Anormaly Intrusion Detection Based on SOM”. Information Engineering, 2009. ICIE ‘09. WASE International Conference on. pp. 40-43. July 2009.[43] J.C. Patra, J. Abraham, P.K. Meher, and G. Chakraborty, “An Improved SOM-based Visualization Technique for DNA Microarray Data Analysis”. Neural Networks (IJCNN), The 2010 International Joint Conference on. pp. 1-7. July 2010.[44] Y . V. Venkatesh, S.K. Raja, and N. Ramya, “A Novel SOM-based Approach for Active Contour Modeling”. Intelligent Sensors, Sensor Networks and Information Processing Conference, 2004. Proceedings of the 2004. pp. 229-234. Dec. 2004.[45] E. Cuadros-Vargas, Recuperação de informação por similaridad e utilizando técnicas inteligentes. PhD thesis, Department of Computer Science - University of Sao Paulo. 2004.[46] J. Blackmore and R. Miikkulainen, “Incremental grid growing: Encoding highdimensional structure into a two-dimensional feature map”. In Proceedings of the International Conference on Neural Networks ICNN93, 1993, volume I, pp. 450- 455, Piscataway, NJ. IEEE Service Center.[47] D. Alahakoon, S. K. Halgamuge and B. Srinivasan, “A structure adapting feature map for optimal cluster representation”. In International Conference on Neural Information Processing ICONIP98, 1998. pp. 809-812.[48] B. Fritzke, “A growing neural gas network learns topologies”. In G. Tesauro, D. S. Touretzky and T. K. Leen, editors, Advances in Neural Information Processing Systems 7, 1995, pp. 625-632. MIT Press, Cambridge MA.[49] T. Martinetz and K. Schulten, “Topology representing networks”. Neural Networks, 1994. 7(3):507-522.[50] A. Ocsa, C. Bedregal and E. Cuadros-Vargas, “DB-GNG: A constructive self-organizing map based on density”. In Proceedings of the International Joint Conference on Neural Networks (IJCNN07). IEEE, 2007.[51] Y . Prudent and A. Ennaji, A k nearest classifier design. ELCVIA, 2005. 5(2): 58-71.[52] R. H. White, “Competitive hebbian learning: algorithm and demonstrations”. Neural Networks, 1992. 5(2): 261-275.[53] The Growing Hierarchical Self-Organizing Map. Department of Software Technology. Vienna University of Technology. Septiembre 2011. Disponible en: http://www.ifs.tuwien.ac.at/~andi/ghsom/description.html#inseINGE CUCINGE CUChttps://revistascientificas.cuc.edu.co/ingecuc/article/view/225IDS (Sistema de Detección de Intrusos)FDR (Razón Discriminante de Fisher)SOM (Mapas Auto-organizativos)Dataset NSL-KDD DARPAIDS (Intrusion Detection System)FDR (Fisher Discriminant Ratio)SOM (Self-Organizing Map)Dataset NSL-KDD DARPAModelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOMIntrusion detection model in network systems, making feature selection with fdr and classification-training stages with sArtículo de revistahttp://purl.org/coar/resource_type/c_6501http://purl.org/coar/resource_type/c_2df8fbb1Textinfo:eu-repo/semantics/articlehttp://purl.org/redcol/resource_type/ARTinfo:eu-repo/semantics/acceptedVersioninfo:eu-repo/semantics/openAccesshttp://purl.org/coar/access_right/c_abf2PublicationORIGINALModelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM.pdfModelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM.pdfapplication/pdf2124738https://repositorio.cuc.edu.co/bitstreams/2aa5ec42-df63-45d9-835f-3c8bd05e81d2/downloadc4ff4921ce806edc0e89a7cfcaf667bdMD51LICENSElicense.txtlicense.txttext/plain; charset=utf-81748https://repositorio.cuc.edu.co/bitstreams/9427ab2c-08af-4acc-9a37-27c7b417a2ae/download8a4605be74aa9ea9d79846c1fba20a33MD52THUMBNAILModelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM.pdf.jpgModelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM.pdf.jpgimage/jpeg47142https://repositorio.cuc.edu.co/bitstreams/10aa0b59-e3f4-4434-aeaf-bce73cc5103a/downloadc58d2346d9b1f3a90db0d05b9c5ebe13MD54TEXTModelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM.pdf.txtModelo de detección de intrusiones en sistemas de red, realizando selección de características con FDR y entrenamiento y clasificación con SOM.pdf.txttext/plain88801https://repositorio.cuc.edu.co/bitstreams/c5c2a336-fa5e-45b2-8de1-baf8a98d89ab/download8d3f78b08d1c988227c1af0c89167684MD5511323/2659oai:repositorio.cuc.edu.co:11323/26592024-09-17 10:56:34.863open.accesshttps://repositorio.cuc.edu.coRepositorio de la Universidad de la Costa CUCrepdigital@cuc.edu.coTk9URTogUExBQ0UgWU9VUiBPV04gTElDRU5TRSBIRVJFClRoaXMgc2FtcGxlIGxpY2Vuc2UgaXMgcHJvdmlkZWQgZm9yIGluZm9ybWF0aW9uYWwgcHVycG9zZXMgb25seS4KCk5PTi1FWENMVVNJVkUgRElTVFJJQlVUSU9OIExJQ0VOU0UKCkJ5IHNpZ25pbmcgYW5kIHN1Ym1pdHRpbmcgdGhpcyBsaWNlbnNlLCB5b3UgKHRoZSBhdXRob3Iocykgb3IgY29weXJpZ2h0Cm93bmVyKSBncmFudHMgdG8gRFNwYWNlIFVuaXZlcnNpdHkgKERTVSkgdGhlIG5vbi1leGNsdXNpdmUgcmlnaHQgdG8gcmVwcm9kdWNlLAp0cmFuc2xhdGUgKGFzIGRlZmluZWQgYmVsb3cpLCBhbmQvb3IgZGlzdHJpYnV0ZSB5b3VyIHN1Ym1pc3Npb24gKGluY2x1ZGluZwp0aGUgYWJzdHJhY3QpIHdvcmxkd2lkZSBpbiBwcmludCBhbmQgZWxlY3Ryb25pYyBmb3JtYXQgYW5kIGluIGFueSBtZWRpdW0sCmluY2x1ZGluZyBidXQgbm90IGxpbWl0ZWQgdG8gYXVkaW8gb3IgdmlkZW8uCgpZb3UgYWdyZWUgdGhhdCBEU1UgbWF5LCB3aXRob3V0IGNoYW5naW5nIHRoZSBjb250ZW50LCB0cmFuc2xhdGUgdGhlCnN1Ym1pc3Npb24gdG8gYW55IG1lZGl1bSBvciBmb3JtYXQgZm9yIHRoZSBwdXJwb3NlIG9mIHByZXNlcnZhdGlvbi4KCllvdSBhbHNvIGFncmVlIHRoYXQgRFNVIG1heSBrZWVwIG1vcmUgdGhhbiBvbmUgY29weSBvZiB0aGlzIHN1Ym1pc3Npb24gZm9yCnB1cnBvc2VzIG9mIHNlY3VyaXR5LCBiYWNrLXVwIGFuZCBwcmVzZXJ2YXRpb24uCgpZb3UgcmVwcmVzZW50IHRoYXQgdGhlIHN1Ym1pc3Npb24gaXMgeW91ciBvcmlnaW5hbCB3b3JrLCBhbmQgdGhhdCB5b3UgaGF2ZQp0aGUgcmlnaHQgdG8gZ3JhbnQgdGhlIHJpZ2h0cyBjb250YWluZWQgaW4gdGhpcyBsaWNlbnNlLiBZb3UgYWxzbyByZXByZXNlbnQKdGhhdCB5b3VyIHN1Ym1pc3Npb24gZG9lcyBub3QsIHRvIHRoZSBiZXN0IG9mIHlvdXIga25vd2xlZGdlLCBpbmZyaW5nZSB1cG9uCmFueW9uZSdzIGNvcHlyaWdodC4KCklmIHRoZSBzdWJtaXNzaW9uIGNvbnRhaW5zIG1hdGVyaWFsIGZvciB3aGljaCB5b3UgZG8gbm90IGhvbGQgY29weXJpZ2h0LAp5b3UgcmVwcmVzZW50IHRoYXQgeW91IGhhdmUgb2J0YWluZWQgdGhlIHVucmVzdHJpY3RlZCBwZXJtaXNzaW9uIG9mIHRoZQpjb3B5cmlnaHQgb3duZXIgdG8gZ3JhbnQgRFNVIHRoZSByaWdodHMgcmVxdWlyZWQgYnkgdGhpcyBsaWNlbnNlLCBhbmQgdGhhdApzdWNoIHRoaXJkLXBhcnR5IG93bmVkIG1hdGVyaWFsIGlzIGNsZWFybHkgaWRlbnRpZmllZCBhbmQgYWNrbm93bGVkZ2VkCndpdGhpbiB0aGUgdGV4dCBvciBjb250ZW50IG9mIHRoZSBzdWJtaXNzaW9uLgoKSUYgVEhFIFNVQk1JU1NJT04gSVMgQkFTRUQgVVBPTiBXT1JLIFRIQVQgSEFTIEJFRU4gU1BPTlNPUkVEIE9SIFNVUFBPUlRFRApCWSBBTiBBR0VOQ1kgT1IgT1JHQU5JWkFUSU9OIE9USEVSIFRIQU4gRFNVLCBZT1UgUkVQUkVTRU5UIFRIQVQgWU9VIEhBVkUKRlVMRklMTEVEIEFOWSBSSUdIVCBPRiBSRVZJRVcgT1IgT1RIRVIgT0JMSUdBVElPTlMgUkVRVUlSRUQgQlkgU1VDSApDT05UUkFDVCBPUiBBR1JFRU1FTlQuCgpEU1Ugd2lsbCBjbGVhcmx5IGlkZW50aWZ5IHlvdXIgbmFtZShzKSBhcyB0aGUgYXV0aG9yKHMpIG9yIG93bmVyKHMpIG9mIHRoZQpzdWJtaXNzaW9uLCBhbmQgd2lsbCBub3QgbWFrZSBhbnkgYWx0ZXJhdGlvbiwgb3RoZXIgdGhhbiBhcyBhbGxvd2VkIGJ5IHRoaXMKbGljZW5zZSwgdG8geW91ciBzdWJtaXNzaW9uLgo= |