Home   >   CSC-OpenAccess Library   >    Manuscript Information
Implementation of Echostate Network in NIDS
Meera Gandhi, S.K. Srivatsa
Pages - 73 - 86     |    Revised - 15-02-2008     |    Published - 30-02-2008
Volume - 2   Issue - 1    |    Publication Date - February 2008  Table of Contents
MORE INFORMATION
KEYWORDS
Echo state network, Intrusion detection, misuse detection, neural networks, computer security
ABSTRACT
Identifying instances of network attacks by comparing current activity against the expected actions of an intruder has become an important. Most current approaches to misuse detection involve the use of rule-based expert systems to identify indications of known attacks. Artificial neural networks provide the potential to identify and classify network activity based on limited, incomplete, and nonlinear data sources. Transmission of data over the internet keeps on increasing, which needs to protect connected systems also increasing. Intrusion Detection Systems (IDSs) are the latest technology used for this purpose. Although the field of IDSs is still developing, the systems that do exist are still not complete, in the sense that they are not able to detect all types of intrusions. Some attacks which are detected by various tools available today cannot be detected by other products, depending on the types and methods that they are built on. In this work, an artificial neural network using echo state network algorithm has been used to implement the IDS. This paper proposes an approach to implement recurrent echo state network real time IDS. Twenty four packet information both normal and intrusion have been considered for training. Testing has been done with new sets of packet information. The result of intrusion detection (ID) is very close to 90%. The topology of the echo state network is (41 X 20 X 1). The network converged with 24 iterations. However, very huge amount of packets are to be evaluated to know the complete performance of the developed system.
1 Google Scholar 
2 Academic Journals Database 
3 ScientificCommons 
4 Academic Index 
5 CiteSeerX 
6 iSEEK 
7 Socol@r  
8 ResearchGATE 
9 Bielefeld Academic Search Engine (BASE) 
10 Scribd 
11 WorldCat 
12 SlideShare 
13 PDFCAST 
14 PdfSR 
Ajith Abraham, Ravi Jain, Johnson Thomas and Sang Yong Han, D-SCIDS: Distributed SoftComputing intrusion detection system, Journal of Network and Computer Applications 30 (2007) ,PP 81–98
Albert Mo Kim Cheng,On-Time and Scalable Intrusion Detection in Embedded Systems, Real-Time Systems Laboratory,Department of Computer Science,University of Houston, TX 77204, USA
BACE, R AND MELL, P., 2004, NIST Special Publication on Intrusion Detection Systems, http://www.nist.gov
BACE, R. 2002. Intrusion Detection, Macmillan Technical Publishing
BERSHAD, N.J., SHYNK, J.J., AND FEINTUCH, P.L., 1993, Statistical analysis of the single-layer back-propagation algorithm: Part-II-NMSE and classification performance, IEEE Transactions on Acoustics, Speech and Signal Processing, Vol.41, No.2, pp.583- 591.
BERSHAD, N.J., SHYNK, J.J., AND FEINTUCH, P.L., 1993, Statistical analysis of the single-layer-back-propagation algorithm: Part-I-Mean weight behaviour, IEEE Trans. on Acoustics, Speech and Signal Processing, Vol.41, No.2, pp.573-582.
Chung, M., Puketza, N., Olsson, R.A., & Mukherjee, B. (1995) Simulating Concurrent Intrusions for Testing Intrusion Detection Systems:Parallelizing. In Proceedings of the 18th NISSC. pp. 173-183.
Cramer, M., et al. (1995). New Methods of Intrusion Detection using Control-Loop Measurement. In Proceedings of the Technology in Information Security Conference (TISC) ’95. pp. 1-10.
Debar, H. & Dorizzi, B. (1992). An Application of a Recurrent Network to an Intrusion Detection System. In Proceedings of the International Joint Conference on Neural Networks. pp. ( II)478-483.
Debar, H., Becke, M., & Siboni, D. (1992). A Neural Network Component for an Intrusion Detection System. In Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy.
Denault, M., Gritzalis, D., Karagiannis, D., and Spirakis, P. (1994). Intrusion Detection: Approach and Performance Issues of the SECURENET System. In Computers and Security Vol. 13, No. 6, pp. 495-507
Denning, Dorothy. (February, 1987). An Intrusion-Detection Model. IEEE Transactions on Software Engineering, Vol. SE-13, No. 2.
Fox, Kevin L., Henning, Rhonda R., and Reed, Jonathan H. (1990). A Neural Network Approach Towards Intrusion Detection. In Proceedings of the 13th National Computer Security Conference.
Frank, Jeremy. (1994). Artificial Intelligence and Intrusion Detection: Current and Future Directions. In Proceedings of the 17th National Computer Security Conference.
Ghost, A.K., et al. (September 27, 1997). “Detecting Anomalous and Unknown Intrusions Against Programs in Real-Time”. DARPA SBIR Phase I Final Report. Reliable Software Technologies.
GORDEEV, M. 2004. Intrusion Detection Techniques and Approaches, http://www.ict.tuwein.ac.a
GRAHAM, R. 2000. FAQ: Network Intrusion Detection Systems, http://www.robertgraham.com
H. Günes Kayac?k, A. Nur Zincir-Heywood, Malcolm I. Heywood, Selecting Features for Intrusion Detection:A Feature Relevance Analysis on KDD 99 Intrusion Detection Datasets Dalhousie University, Faculty of Computer Science,,6050 University Avenue, Halifax, Nova Scotia. B3H 1W5
Hammerstrom, Dan. (June, 1993). Neural Networks At Work. IEEE Spectrum. pp. 26- 53.
Helman, P. and Liepins, G., (1993). Statistical foundations of audit trail analysis for the detection of computer misuse, IEEE Trans. on Software Engineering, 19(9):886-901.
HIROSE,Y., YAMSHITA,K., AND HIJIYA,S., 1991, Back-propagation algorithm which varies the number of hidden units, Neural Networks, Vol.4, No.1, pp-61-66.
Ilgun, K. (1993). USTAT: A Real-time Intrusion Detection System for UNIX. In Proceedings of the IEEE Symposium on Research in Security and Privacy. pp. 16-28.
Jaeger, H.; The echo state approach to analyzing and training recurrent neural networks; (Tech.Rep. No. 148). Bremen: German National Research Center for Information Technology, 2001.
Jaeger, H.; Tutorial on training recurrent neural networks, covering BPPT, RTRL,EKF and the “echo state network” approach (Tech. Rep. No. 159).; Bremen: German National Research Center for Information Technology, 2002.
Jaeger, H;. Short term memory in echo state networks; (Tech. Rep. No. 152) Bremen: German National Research Center for Information Technology. 2002.
JEAN-PHILIPPE 2004, Application of Neural Networks to Intrusion Detection, http://www.sans.org
KAZIENKO, P., AND DOROSZ, P. 2003, Intrusion Detection Systems (IDS) Part I – network intrusions; attack symptoms; IDS tasks; and IDS
Kohonen, T. (1995) Self-Organizing Maps. Berlin: Springer.
Lippmann.R.P,; AN Introduction to computing with neural nets;IEEE Transactions on ASSP Mag. 35,4(2) 4-22, 1987.
Mukherjee, B., Heberlein, L.T., Levitt, K.N. (May/June, 1994). Network Intrusion Detection. IEEE Network. pp. 28-42.
Porras, P. & Neumann, P. (1997). EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances. In Proceedings of the 20th NISSC.
Puketza, N., Chung, M., Olsson, R.A. & Mukherjee, B. (September/October, 1997). A Software Platform for Testing Intrusion Detection Systems. IEEE Software, Vol. 14, No. 5
R.S.Michalski, K.A.Kaufman, J.Pietrzykowski, B.Sniezynski, J.Wojtusiak, Intelligent Information Systems 2006, New Trends in Intelligent Information Processing and Web Mining Ustron, Poland, June 19-22, 2006
Rumelhart, D. E., Hinton, G. E., & Williams, R. J. (1986). Learning internal representations by error propagation. In D. E. Rumelhart, J. L. McClelland, & the PDP Research Group (Eds.), Parallel distributed processing: Explorations in the microstructure of cognition (Vol.1, pp. 318- 362).
Ryan, J., Lin, M., and Miikkulainen, R. (1997). Intrusion Detection with Neural Networks. AI Approaches to Fraud Detection and Risk Management: Papers from the 1997 AAAI Workshop (Providence, Rhode Island), pp. 72-79. Menlo Park, CA: AAAI.
Sebring, M., Shellhouse, E., Hanna, M. & Whitehurst, R. (1988) Expert Systems in Intrusion Detection: A Case Study. In Proceedings of the 11th National Computer Security Conference.
Staniford-Chen, S. (1995, May 7). Using Thumbprints to Trace Intruders. UC Davis.
Steven Cheung, Bruno Dutertre, Martin Fong, Ulf Lindqvist, Keith Skinner and Alfonso Valdes, Using Model-based Intrusion Detection for SCADA Networks,Computer Science Laboratory,SRI International,December 7, 2006
Tan, K. (1995). The Application of Neural Networks to UNIX Computer Security. In Proceedings of the IEEE International Conference on Neural Networks, Vol.1 pp. 476 – 481.
Tan, K.M.C & Collie, B.S. (1997). Detection and Classification of TCP/IP Network Services. In Proceedings of the Computer Security Applications Conference. pp. 99-107.
Mr. Meera Gandhi
- India
meera.gandhi@gmail.com
Mr. S.K. Srivatsa
- India


CREATE AUTHOR ACCOUNT
 
LAUNCH YOUR SPECIAL ISSUE
View all special issues >>
 
PUBLICATION VIDEOS