Attack visualization for intrusion detection system
Department of Electrical and Computer Engineering
Master of Science
Manikopoulos, Constantine N.
Shi, Yun Q.
Attack detection and visualization
Artificial neural networks
Attacks detection and visualization is the process of attempting to identify instances of network misuse by comparing current activity against the expected actions of an intruder. Most current approaches to attack detection involve the use of rule-based expert systems to identify indications of known attacks. However, these techniques are less successful in identifying attacks, which vary from expected patterns. Artificial neural networks provide the potential to identify and classify network activity based on limited, incomplete, and nonlinear data sources. Presenting an approach to the process of Attack visualization that utilizes the analytical strengths of neural networks, and providing the results from a preliminary analysis of the network parameters being watched like Internet Protocol (IP) packet length, packet traffic, IP byte traffic, IP packet rate, IP byte rate, User Datagram Protocol (UDP) packet length, UDP packet traffic, UDP byte traffic, UDP packet rate, UDP byte rate, Heart Beat (HB) End-to-end delay, and HB Packet loss rate. Beside collected attack data, numerical simulated data was generated using the neural network sigmoids with Matlab. The characteristics of the obtained data showed lots of similarities with the actual collected network data. Further work is continuing to obtain different attack data using the Opnet simulating program.
njit-etd2002-092 (118 pages ~ 16,718 KB pdf)
Please complete this Feedback Form to inform us about your experience using this website. It will assist us in better serving your information needs in the future. Thank You!
Created September 8, 2008