Modeling Intrusion Detection System by Selecting optimiszed ANN Train Algorithm

Abstract

With the rapid expansion of computer networks during the past decade, security has become a crucial issue for computer systems. Different soft-computing based methods have been proposed in recent years for the development of intrusion detection systems. This work presents a neural network approach to intrusion detection. The purpose of this work is to design, implement and evaluate an anomaly based intrusion detection system and to test the performance of different neural network training functions for IDS. Intrusion Detection System is a detection mechanism that detects unauthorized, malicious presence in the computer systems.

In this work the user behavior is taken as parameter to detect the intrusions. The neural network learns about the normal user’s behavior form the network traffic that only contains information about normal users. The proposed Intrusion Detection System in this work uses a backproapgation neural network to learn user’s behavior. An intrusion detection system is divided into two phases: learning and detection. In learning phase, the system learns about the normal user’s or system’s behavior. In the detection phase, system detects the intruder’s by matching their behavior with that of normal user’s. It is obvious that the intruder’s behavior is different than that of normal user’s.

The 1998 DARPA Intrusion Detection Evaluation data sets collected from the literature review are used in this work. For the training of the neural network 220 sessions of traffic is used. Out of these there were 112 sessions with normal traffic and 108 sessions with attacks. When the learning is over, the system is tested with the network traffic that contains attacks and normal data. 100 sessions of traffic to test the trained network is used. Out of these 50 sessions with normal traffic and 50 sessions with attacks.