PCA filtering and probabilistic SOM for network intrusion detection

The growth of the Internet and, consequently, the number of interconnected computers, has exposed significant amounts of information to intruders and attackers. Firewalls aim to detect violations according to a predefined rule-set and usually block potentially dangerous incoming traffic. However, wi...

Full description

Autores:
De la Hoz Correa, Eduardo Miguel
De la Hoz, Emiro
Ortiz, Andrés
Ortega, Julio
Prieto, Beatriz
Tipo de recurso:
Article of journal
Fecha de publicación:
2015
Institución:
Corporación Universidad de la Costa
Repositorio:
REDICUC - Repositorio CUC
Idioma:
eng
OAI Identifier:
oai:repositorio.cuc.edu.co:11323/1011
Acceso en línea:
https://hdl.handle.net/11323/1011
https://repositorio.cuc.edu.co/
Palabra clave:
Bayesian SOM
IDS
PCA filtering
Probabilistic SOM
Self-organizing maps
Rights
openAccess
License
Atribución – No comercial – Compartir igual
id RCUC2_9918c0435c0cd1ec21bc5e7792499037
oai_identifier_str oai:repositorio.cuc.edu.co:11323/1011
network_acronym_str RCUC2
network_name_str REDICUC - Repositorio CUC
repository_id_str
dc.title.eng.fl_str_mv PCA filtering and probabilistic SOM for network intrusion detection
title PCA filtering and probabilistic SOM for network intrusion detection
spellingShingle PCA filtering and probabilistic SOM for network intrusion detection
Bayesian SOM
IDS
PCA filtering
Probabilistic SOM
Self-organizing maps
title_short PCA filtering and probabilistic SOM for network intrusion detection
title_full PCA filtering and probabilistic SOM for network intrusion detection
title_fullStr PCA filtering and probabilistic SOM for network intrusion detection
title_full_unstemmed PCA filtering and probabilistic SOM for network intrusion detection
title_sort PCA filtering and probabilistic SOM for network intrusion detection
dc.creator.fl_str_mv De la Hoz Correa, Eduardo Miguel
De la Hoz, Emiro
Ortiz, Andrés
Ortega, Julio
Prieto, Beatriz
dc.contributor.author.spa.fl_str_mv De la Hoz Correa, Eduardo Miguel
De la Hoz, Emiro
Ortiz, Andrés
Ortega, Julio
Prieto, Beatriz
dc.subject.eng.fl_str_mv Bayesian SOM
IDS
PCA filtering
Probabilistic SOM
Self-organizing maps
topic Bayesian SOM
IDS
PCA filtering
Probabilistic SOM
Self-organizing maps
description The growth of the Internet and, consequently, the number of interconnected computers, has exposed significant amounts of information to intruders and attackers. Firewalls aim to detect violations according to a predefined rule-set and usually block potentially dangerous incoming traffic. However, with the evolution of attack techniques, it is more difficult to distinguish anomalies from normal traffic. Different detection approaches have been proposed, including the use of machine learning techniques based on neural models such as Self-Organizing Maps (SOMs). In this paper, we present a classification approach that hybridizes statistical techniques and SOM for network anomaly detection. Thus, while Principal Component Analysis (PCA) and Fisher Discriminant Ratio (FDR) have been considered for feature selection and noise removal, Probabilistic Self-Organizing Maps (PSOM) aim to model the feature space and enable distinguishing between normal and anomalous connections.
publishDate 2015
dc.date.issued.none.fl_str_mv 2015
dc.date.accessioned.none.fl_str_mv 2018-11-14T21:20:38Z
dc.date.available.none.fl_str_mv 2018-11-14T21:20:38Z
dc.type.spa.fl_str_mv Artículo de revista
dc.type.coar.fl_str_mv http://purl.org/coar/resource_type/c_2df8fbb1
dc.type.coar.spa.fl_str_mv http://purl.org/coar/resource_type/c_6501
dc.type.content.spa.fl_str_mv Text
dc.type.driver.spa.fl_str_mv info:eu-repo/semantics/article
dc.type.redcol.spa.fl_str_mv http://purl.org/redcol/resource_type/ART
dc.type.version.spa.fl_str_mv info:eu-repo/semantics/acceptedVersion
format http://purl.org/coar/resource_type/c_6501
status_str acceptedVersion
dc.identifier.issn.spa.fl_str_mv 0925-2312
dc.identifier.uri.spa.fl_str_mv https://hdl.handle.net/11323/1011
dc.identifier.instname.spa.fl_str_mv Corporación Universidad de la Costa
dc.identifier.reponame.spa.fl_str_mv REDICUC - Repositorio CUC
dc.identifier.repourl.spa.fl_str_mv https://repositorio.cuc.edu.co/
identifier_str_mv 0925-2312
Corporación Universidad de la Costa
REDICUC - Repositorio CUC
url https://hdl.handle.net/11323/1011
https://repositorio.cuc.edu.co/
dc.language.iso.none.fl_str_mv eng
language eng
dc.rights.spa.fl_str_mv Atribución – No comercial – Compartir igual
dc.rights.accessrights.spa.fl_str_mv info:eu-repo/semantics/openAccess
dc.rights.coar.spa.fl_str_mv http://purl.org/coar/access_right/c_abf2
rights_invalid_str_mv Atribución – No comercial – Compartir igual
http://purl.org/coar/access_right/c_abf2
eu_rights_str_mv openAccess
dc.publisher.spa.fl_str_mv Neurocomputing
dc.source.spa.fl_str_mv Neurocomputing
institution Corporación Universidad de la Costa
dc.source.url.spa.fl_str_mv https://www.sciencedirect.com/science/article/abs/pii/S0925231215002982
bitstream.url.fl_str_mv https://repositorio.cuc.edu.co/bitstreams/3d4f6a9a-70d2-4090-8bf2-9b7aac33d937/download
https://repositorio.cuc.edu.co/bitstreams/416384b7-73df-4c19-9d04-96e3e4d3e34b/download
https://repositorio.cuc.edu.co/bitstreams/ad987693-9594-408b-a113-c8d77c0596fb/download
https://repositorio.cuc.edu.co/bitstreams/74289359-1519-43b5-a675-694835af5197/download
bitstream.checksum.fl_str_mv 7067826286c106335df9d2fa0a36ab53
8a4605be74aa9ea9d79846c1fba20a33
5a14cd246f1f676110c2d9c43795ede4
3b92c8a082366409f53868bdc0f4fe32
bitstream.checksumAlgorithm.fl_str_mv MD5
MD5
MD5
MD5
repository.name.fl_str_mv Repositorio de la Universidad de la Costa CUC
repository.mail.fl_str_mv repdigital@cuc.edu.co
_version_ 1811760828547858432
spelling De la Hoz Correa, Eduardo MiguelDe la Hoz, EmiroOrtiz, AndrésOrtega, JulioPrieto, Beatriz2018-11-14T21:20:38Z2018-11-14T21:20:38Z20150925-2312https://hdl.handle.net/11323/1011Corporación Universidad de la CostaREDICUC - Repositorio CUChttps://repositorio.cuc.edu.co/The growth of the Internet and, consequently, the number of interconnected computers, has exposed significant amounts of information to intruders and attackers. Firewalls aim to detect violations according to a predefined rule-set and usually block potentially dangerous incoming traffic. However, with the evolution of attack techniques, it is more difficult to distinguish anomalies from normal traffic. Different detection approaches have been proposed, including the use of machine learning techniques based on neural models such as Self-Organizing Maps (SOMs). In this paper, we present a classification approach that hybridizes statistical techniques and SOM for network anomaly detection. Thus, while Principal Component Analysis (PCA) and Fisher Discriminant Ratio (FDR) have been considered for feature selection and noise removal, Probabilistic Self-Organizing Maps (PSOM) aim to model the feature space and enable distinguishing between normal and anomalous connections.De la Hoz Correa, Eduardo Miguel-will be generated-orcid-0000-0001-7468-6058-0De la Hoz, Emiro-will be generated-orcid-0000-0002-4926-7414-600Ortiz, Andrés-3743e2e5-f13e-4950-8c12-d42d0ab7ccfe-0Ortega, Julio-3b8c20e7-bbcc-4bbd-8ad8-37acc5756525-0Prieto, Beatriz-36d7ad57-9aa1-4c19-82c0-422bdfb40aa7-0engNeurocomputingAtribución – No comercial – Compartir igualinfo:eu-repo/semantics/openAccesshttp://purl.org/coar/access_right/c_abf2Neurocomputinghttps://www.sciencedirect.com/science/article/abs/pii/S0925231215002982Bayesian SOMIDSPCA filteringProbabilistic SOMSelf-organizing mapsPCA filtering and probabilistic SOM for network intrusion detectionArtículo de revistahttp://purl.org/coar/resource_type/c_6501http://purl.org/coar/resource_type/c_2df8fbb1Textinfo:eu-repo/semantics/articlehttp://purl.org/redcol/resource_type/ARTinfo:eu-repo/semantics/acceptedVersionPublicationORIGINALPCA filtering and probabilistic SOM for network intrusion detection.pdfPCA filtering and probabilistic SOM for network intrusion detection.pdfapplication/pdf177764https://repositorio.cuc.edu.co/bitstreams/3d4f6a9a-70d2-4090-8bf2-9b7aac33d937/download7067826286c106335df9d2fa0a36ab53MD51LICENSElicense.txtlicense.txttext/plain; charset=utf-81748https://repositorio.cuc.edu.co/bitstreams/416384b7-73df-4c19-9d04-96e3e4d3e34b/download8a4605be74aa9ea9d79846c1fba20a33MD52THUMBNAILPCA filtering and probabilistic SOM for network intrusion detection.pdf.jpgPCA filtering and probabilistic SOM for network intrusion detection.pdf.jpgimage/jpeg36188https://repositorio.cuc.edu.co/bitstreams/ad987693-9594-408b-a113-c8d77c0596fb/download5a14cd246f1f676110c2d9c43795ede4MD54TEXTPCA filtering and probabilistic SOM for network intrusion detection.pdf.txtPCA filtering and probabilistic SOM for network intrusion detection.pdf.txttext/plain1242https://repositorio.cuc.edu.co/bitstreams/74289359-1519-43b5-a675-694835af5197/download3b92c8a082366409f53868bdc0f4fe32MD5511323/1011oai:repositorio.cuc.edu.co:11323/10112024-09-17 14:06:31.184open.accesshttps://repositorio.cuc.edu.coRepositorio de la Universidad de la Costa CUCrepdigital@cuc.edu.coTk9URTogUExBQ0UgWU9VUiBPV04gTElDRU5TRSBIRVJFClRoaXMgc2FtcGxlIGxpY2Vuc2UgaXMgcHJvdmlkZWQgZm9yIGluZm9ybWF0aW9uYWwgcHVycG9zZXMgb25seS4KCk5PTi1FWENMVVNJVkUgRElTVFJJQlVUSU9OIExJQ0VOU0UKCkJ5IHNpZ25pbmcgYW5kIHN1Ym1pdHRpbmcgdGhpcyBsaWNlbnNlLCB5b3UgKHRoZSBhdXRob3Iocykgb3IgY29weXJpZ2h0Cm93bmVyKSBncmFudHMgdG8gRFNwYWNlIFVuaXZlcnNpdHkgKERTVSkgdGhlIG5vbi1leGNsdXNpdmUgcmlnaHQgdG8gcmVwcm9kdWNlLAp0cmFuc2xhdGUgKGFzIGRlZmluZWQgYmVsb3cpLCBhbmQvb3IgZGlzdHJpYnV0ZSB5b3VyIHN1Ym1pc3Npb24gKGluY2x1ZGluZwp0aGUgYWJzdHJhY3QpIHdvcmxkd2lkZSBpbiBwcmludCBhbmQgZWxlY3Ryb25pYyBmb3JtYXQgYW5kIGluIGFueSBtZWRpdW0sCmluY2x1ZGluZyBidXQgbm90IGxpbWl0ZWQgdG8gYXVkaW8gb3IgdmlkZW8uCgpZb3UgYWdyZWUgdGhhdCBEU1UgbWF5LCB3aXRob3V0IGNoYW5naW5nIHRoZSBjb250ZW50LCB0cmFuc2xhdGUgdGhlCnN1Ym1pc3Npb24gdG8gYW55IG1lZGl1bSBvciBmb3JtYXQgZm9yIHRoZSBwdXJwb3NlIG9mIHByZXNlcnZhdGlvbi4KCllvdSBhbHNvIGFncmVlIHRoYXQgRFNVIG1heSBrZWVwIG1vcmUgdGhhbiBvbmUgY29weSBvZiB0aGlzIHN1Ym1pc3Npb24gZm9yCnB1cnBvc2VzIG9mIHNlY3VyaXR5LCBiYWNrLXVwIGFuZCBwcmVzZXJ2YXRpb24uCgpZb3UgcmVwcmVzZW50IHRoYXQgdGhlIHN1Ym1pc3Npb24gaXMgeW91ciBvcmlnaW5hbCB3b3JrLCBhbmQgdGhhdCB5b3UgaGF2ZQp0aGUgcmlnaHQgdG8gZ3JhbnQgdGhlIHJpZ2h0cyBjb250YWluZWQgaW4gdGhpcyBsaWNlbnNlLiBZb3UgYWxzbyByZXByZXNlbnQKdGhhdCB5b3VyIHN1Ym1pc3Npb24gZG9lcyBub3QsIHRvIHRoZSBiZXN0IG9mIHlvdXIga25vd2xlZGdlLCBpbmZyaW5nZSB1cG9uCmFueW9uZSdzIGNvcHlyaWdodC4KCklmIHRoZSBzdWJtaXNzaW9uIGNvbnRhaW5zIG1hdGVyaWFsIGZvciB3aGljaCB5b3UgZG8gbm90IGhvbGQgY29weXJpZ2h0LAp5b3UgcmVwcmVzZW50IHRoYXQgeW91IGhhdmUgb2J0YWluZWQgdGhlIHVucmVzdHJpY3RlZCBwZXJtaXNzaW9uIG9mIHRoZQpjb3B5cmlnaHQgb3duZXIgdG8gZ3JhbnQgRFNVIHRoZSByaWdodHMgcmVxdWlyZWQgYnkgdGhpcyBsaWNlbnNlLCBhbmQgdGhhdApzdWNoIHRoaXJkLXBhcnR5IG93bmVkIG1hdGVyaWFsIGlzIGNsZWFybHkgaWRlbnRpZmllZCBhbmQgYWNrbm93bGVkZ2VkCndpdGhpbiB0aGUgdGV4dCBvciBjb250ZW50IG9mIHRoZSBzdWJtaXNzaW9uLgoKSUYgVEhFIFNVQk1JU1NJT04gSVMgQkFTRUQgVVBPTiBXT1JLIFRIQVQgSEFTIEJFRU4gU1BPTlNPUkVEIE9SIFNVUFBPUlRFRApCWSBBTiBBR0VOQ1kgT1IgT1JHQU5JWkFUSU9OIE9USEVSIFRIQU4gRFNVLCBZT1UgUkVQUkVTRU5UIFRIQVQgWU9VIEhBVkUKRlVMRklMTEVEIEFOWSBSSUdIVCBPRiBSRVZJRVcgT1IgT1RIRVIgT0JMSUdBVElPTlMgUkVRVUlSRUQgQlkgU1VDSApDT05UUkFDVCBPUiBBR1JFRU1FTlQuCgpEU1Ugd2lsbCBjbGVhcmx5IGlkZW50aWZ5IHlvdXIgbmFtZShzKSBhcyB0aGUgYXV0aG9yKHMpIG9yIG93bmVyKHMpIG9mIHRoZQpzdWJtaXNzaW9uLCBhbmQgd2lsbCBub3QgbWFrZSBhbnkgYWx0ZXJhdGlvbiwgb3RoZXIgdGhhbiBhcyBhbGxvd2VkIGJ5IHRoaXMKbGljZW5zZSwgdG8geW91ciBzdWJtaXNzaW9uLgo=