Skip to main content
placeholder image

High resolution SOM approach to improving anomaly detection in intrusion detection systems

Journal Article


Abstract

  • Machine learning in general and artificial neural networks in particular are commonly used to address the problem of detecting anomalies in intrusion detection systems. Self-Organizing Maps (SOMs) have been shown to be a promising tool for this purpose, but the limitation of the cardinality of their display space has resulted in SOMs being a black box method and impeded the design of a simpler network architecture. High resolution SOMs are a very recent development that can overcome these problems. This paper explores how high resolution SOMs can help with anomaly detection in intrusion detection systems. Experiments on a large and well established benchmark problem show that high resolution SOMs improve results while allowing a simple network architecture. It is also shown that high resolution SOMs allow the development of better understanding of the results and the problem domain.

Publication Date

  • 2016

Citation

  • Saraswati, A., Hagenbuchner, M. & Zhou, Z. (2016). High resolution SOM approach to improving anomaly detection in intrusion detection systems. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 9992 191-199. 29th Australasian Joint Conference on Artificial Intelligence: AI 2016: Advances in Artificial Intelligence

Scopus Eid

  • 2-s2.0-85007170284

Ro Metadata Url

  • http://ro.uow.edu.au/eispapers/6505

Number Of Pages

  • 8

Start Page

  • 191

End Page

  • 199

Volume

  • 9992

Place Of Publication

  • Germany

Abstract

  • Machine learning in general and artificial neural networks in particular are commonly used to address the problem of detecting anomalies in intrusion detection systems. Self-Organizing Maps (SOMs) have been shown to be a promising tool for this purpose, but the limitation of the cardinality of their display space has resulted in SOMs being a black box method and impeded the design of a simpler network architecture. High resolution SOMs are a very recent development that can overcome these problems. This paper explores how high resolution SOMs can help with anomaly detection in intrusion detection systems. Experiments on a large and well established benchmark problem show that high resolution SOMs improve results while allowing a simple network architecture. It is also shown that high resolution SOMs allow the development of better understanding of the results and the problem domain.

Publication Date

  • 2016

Citation

  • Saraswati, A., Hagenbuchner, M. & Zhou, Z. (2016). High resolution SOM approach to improving anomaly detection in intrusion detection systems. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 9992 191-199. 29th Australasian Joint Conference on Artificial Intelligence: AI 2016: Advances in Artificial Intelligence

Scopus Eid

  • 2-s2.0-85007170284

Ro Metadata Url

  • http://ro.uow.edu.au/eispapers/6505

Number Of Pages

  • 8

Start Page

  • 191

End Page

  • 199

Volume

  • 9992

Place Of Publication

  • Germany