CFP last date
20 December 2024
Reseach Article

Network Anomaly Detection using PSO-ANN

by Diptam Dutta, Kaustav Choudhury
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 77 - Number 2
Year of Publication: 2013
Authors: Diptam Dutta, Kaustav Choudhury
10.5120/13368-0968

Diptam Dutta, Kaustav Choudhury . Network Anomaly Detection using PSO-ANN. International Journal of Computer Applications. 77, 2 ( September 2013), 35-42. DOI=10.5120/13368-0968

@article{ 10.5120/13368-0968,
author = { Diptam Dutta, Kaustav Choudhury },
title = { Network Anomaly Detection using PSO-ANN },
journal = { International Journal of Computer Applications },
issue_date = { September 2013 },
volume = { 77 },
number = { 2 },
month = { September },
year = { 2013 },
issn = { 0975-8887 },
pages = { 35-42 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume77/number2/13368-0968/ },
doi = { 10.5120/13368-0968 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:49:14.134754+05:30
%A Diptam Dutta
%A Kaustav Choudhury
%T Network Anomaly Detection using PSO-ANN
%J International Journal of Computer Applications
%@ 0975-8887
%V 77
%N 2
%P 35-42
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

In this work, the continue from the last research work done [20], thus it is proposed a data mining based anomaly detection system, aiming to detect volume anomalies, using Simple Network Management Protocol (SNMP) monitoring. The method is novel in terms of combining the use of Digital Signature of Network Segment (DSNS) with the evolutionary technique called Particle Swarm Optimization (PSO)[5] and neural network training, applied in a real data set. PSO is a high efficient heuristic technique with low computational complexity, developed in 1995 by Kennedy and Eberhart [1] inspired by social behavior of bird flocking. The DSNS is a baseline that consists of different normal behavior profiles to a specific network device or segment, generated by the GBA tool (Automatic Backbone Management), using data collected from SNMP objects. The proposed anomaly detection system uses the SVM in order to clusterize the traffic collected by SNMP agents and its respective DSNS. The PSO is combined with the SVM in order to improve performance and quality of the solution in the clusterization and calculation of clusters centroids. Tests were carried out using a real network environment in the Techno India University, Kolkata. Numerical results have been shown that the obtained detection and false alarm rates are promising. It is also implemented the deterministic method proposed in order to detect anomalies on the same dataset, so that both methods could be compared.

References
  1. A. Kind, M. P. Stoecklin, and X. Dimitropoulos, "Histogram-based traffic anomaly detection," in IEEE Transactions on Network Service Management, vol. 6, no. 2, June 2009.
  2. B. B. Zarpel˜ao, L. S. Mendes, M. L. Proenc¸a Jr. , and J. J. P. C. Rodrigues, "Parameterized anomaly detection system with automatic configuration," in GC'09 CSS. 2009 IEEE Global Communications Conference (IEEE GLOBECOM 2009), Communications Software and Services Symposium, 2009.
  3. A. Patcha and J. M. Park, "An overview of anomaly detection techniques: Existing solutions and latest technological trends," Computer Networks: The International Journal of Computer and Telecommunications Networking, 2007.
  4. M. L. Proenc¸a Jr. , C. Coppelmans, M. Botolli, and L. S. Mendes, Security and reliability in information systems and networks: Baseline to help with network management. Springer, 2006, pp. 149–157.
  5. J. Kennedy and R. Eberhart, "Particle swarm optimization," in IEEE International Conference on Neural Networks, 1995, pp. 1942–1948.
  6. J. B. MacQueen, "Some methods for classification and analysis of multivariate observations," in Proceedings of the Fifth Berkeley Symposium on Mathematical Statistics and Probability, 1967, pp. 281–297.
  7. Y. ling Zhang, Z. guo Han, and J. xia Ren, "A network anomaly detection method based on relative entropy theory," in Proceedings of the 2009 Second International Symposium on Electronic Commerce and Security, 2009, pp. 231 – 235.
  8. L. Kuang and M. Zulkernine, "An anomaly intrusion detection method using the csi-knn algorithm," in Proceedings of the 2008 ACM symposium on Applied computing, 2008, pp. 921 – 926.
  9. L. He, S. Yu, and M. Li, "Anomaly detection based on available bandwidth estimation," in Proceedings of the 2008 IFIP International Conference on Network and Parallel Computing, 2008, pp. 176 – 183
  10. R. Ensafi, S. Dehghanzadeh, R. Mohammad, and T. Akbarzadeh, "Optimizing fuzzy k-means for network anomaly detection using pso," in AICCSA 2008. IEEE/ACS International Conference on Computer Systems and Applications, Apr. 2008, pp. 686 – 693.
  11. KDD Cup 1999 Data. Available at http://kdd. ics. uci. edu/databases/kddcup99/kddcup99. html.
  12. R. Ma, Y. Liu, X. Lin, and Z. Wang, "Network anomaly detection using rbf neural network with hybrid qpso," in IEEE International Conference on Networking, Sensing and Control, Apr. 2008, pp. 1284 – 1287.
  13. L. Xiao, Z. Shao, and G. Liu, "K-means algorithm based on particle swarm optimization algorithm for anomaly intrusion detection," in WCICA 2006 . The Sixth World Congress on Intelligent Control and Automation, 2006, pp. 5854 – 5858.
  14. N. Nedjah and L. M. Mourelle, Swarm Intelligent Systems. Springer- Verlag Berlin Heidelberg: Springer, 2006.
  15. Y. Shi and R. C. Eberhart, "Parameter selection in particle swarm optimization," in 1998 Annual Conference on Evolutionary Programming, San Diego, USA, March 1998.
  16. S. Axelsson, "The base-rate fallacy and the difficulty of intrusion detection," in ACM Transactions on Information and Systems Security 3, vol. 1, May 2000, pp. 186 – 205.
  17. Kennedy, J. ; Eberhart, R. (1995). "Particle Swarm Optimization". Proceedings of IEEE International Conference on Neural Networks.
  18. Kennedy, J. ; Eberhart, R. C. (2001). Swarm Intelligence. Morgan Kaufmann.
  19. Poli, R. (2008). "Analysis of the publications on the applications of particle swarm optimisation". Journal of Artificial Evolution and Applications 2008.
  20. Argha Roy, Diptam Dutta, Kaustav Choudhury. "Training Artificial Neural Network using Particle Swarm Optimization Algorithm", International Journal of Advanced Research in Computer Science and Software Engineering, Volume 3, Issue 3, March-2013.
  21. Dipankar Dasgupta, "Artificial Immune Systems and Their Applications", 1993, Springer-Verlag Berlin HeiEnlberg.
Index Terms

Computer Science
Information Sciences

Keywords

Artificial Neural Network Back Propagation Intrusion Detection and Prevention Network Attack.