Data Mining in Cyber Threat Analysis – Neural Networks for Intrusion Detection
This work is licensed under a Creative Commons Attribution 4.0 International License.
An author may make an article published by the University of Public Service available on a personal home page, provided the source of the published article is cited and the University of Public Service is mentioned as copyright holder.
Abstract
The most important features and constraints of commercial intrusion detection (IDS) and intrusion prevention (IPS) systems were investigated, together with the possibility of applying artificial intelligence and neural networks as an IDS or IPS. A neural network was trained using the Levenberg-Marquardt backpropagation algorithm and applied to the Knowledge Discovery and Data Mining (KDD)’99 [14] reference dataset. A very high (99.9985%) accuracy and a rather low (3.006%) false alert rate were achieved, but only at the expense of high memory consumption and low computation speed. To overcome these limitations, the selection of the training data size was investigated. The results show that a neural network trained on ca. 50,000 data samples is enough to achieve a detection accuracy of 99.82%.