Anomaly detection using fast SOFM

Jun Zheng; Mingzeng Hu; Binxing Fang; Hongli Zhang

doi:10.1007/978-3-540-30207-0_66

Anomaly detection using fast SOFM

Jun Zheng^*
, Mingzeng Hu
, Binxing Fang
, Hongli Zhang

^*Corresponding author for this work

Faculty of Computing

Harbin Institute of Technology

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

1 Scopus citations

Abstract

Different with the host-based anomaly detection, the huge volume of network traffic requires machine learning algorithms more efficient in the network-based anomaly detection. In this paper, the more efficient detection frame based on the SOFM algorithm with the fast nearest-neighbor searching strategy to detect the attack is proposed. We apply the detection frame to DARPA Intrusion Detection Evaluation Dataset. It is shown that the network attacks are detected with relatively low false alarms and more efficiency. The performance of anomaly detection model is improved greatly.

Original language	English
Title of host publication	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Editors	Hai Jin, Jianhua Sun, Yi Pan, Nong Xiao
Publisher	Springer Verlag
Pages	530-537
Number of pages	8
ISBN (Print)	3540235787, 9783540235781
DOIs	https://doi.org/10.1007/978-3-540-30207-0_66
State	Published - 2004

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	3252
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Access to Document

10.1007/978-3-540-30207-0_66

Cite this

Zheng, J., Hu, M., Fang, B., & Zhang, H. (2004). Anomaly detection using fast SOFM. In H. Jin, J. Sun, Y. Pan, & N. Xiao (Eds.), Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (pp. 530-537). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3252). Springer Verlag. https://doi.org/10.1007/978-3-540-30207-0_66

Zheng, Jun ; Hu, Mingzeng ; Fang, Binxing et al. / Anomaly detection using fast SOFM. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). editor / Hai Jin ; Jianhua Sun ; Yi Pan ; Nong Xiao. Springer Verlag, 2004. pp. 530-537 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inbook{7670296a4b1d41fdb9111581c81722ee,

title = "Anomaly detection using fast SOFM",

abstract = "Different with the host-based anomaly detection, the huge volume of network traffic requires machine learning algorithms more efficient in the network-based anomaly detection. In this paper, the more efficient detection frame based on the SOFM algorithm with the fast nearest-neighbor searching strategy to detect the attack is proposed. We apply the detection frame to DARPA Intrusion Detection Evaluation Dataset. It is shown that the network attacks are detected with relatively low false alarms and more efficiency. The performance of anomaly detection model is improved greatly.",

author = "Jun Zheng and Mingzeng Hu and Binxing Fang and Hongli Zhang",

year = "2004",

doi = "10.1007/978-3-540-30207-0\_66",

language = "英语",

isbn = "3540235787",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "530--537",

editor = "Hai Jin and Jianhua Sun and Yi Pan and Nong Xiao",

booktitle = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

address = "德国",

}

Zheng, J, Hu, M, Fang, B & Zhang, H 2004, Anomaly detection using fast SOFM. in H Jin, J Sun, Y Pan & N Xiao (eds), Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 3252, Springer Verlag, pp. 530-537. https://doi.org/10.1007/978-3-540-30207-0_66

Anomaly detection using fast SOFM. / Zheng, Jun; Hu, Mingzeng; Fang, Binxing et al.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). ed. / Hai Jin; Jianhua Sun; Yi Pan; Nong Xiao. Springer Verlag, 2004. p. 530-537 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3252).

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

TY - CHAP

T1 - Anomaly detection using fast SOFM

AU - Zheng, Jun

AU - Hu, Mingzeng

AU - Fang, Binxing

AU - Zhang, Hongli

PY - 2004

Y1 - 2004

N2 - Different with the host-based anomaly detection, the huge volume of network traffic requires machine learning algorithms more efficient in the network-based anomaly detection. In this paper, the more efficient detection frame based on the SOFM algorithm with the fast nearest-neighbor searching strategy to detect the attack is proposed. We apply the detection frame to DARPA Intrusion Detection Evaluation Dataset. It is shown that the network attacks are detected with relatively low false alarms and more efficiency. The performance of anomaly detection model is improved greatly.

AB - Different with the host-based anomaly detection, the huge volume of network traffic requires machine learning algorithms more efficient in the network-based anomaly detection. In this paper, the more efficient detection frame based on the SOFM algorithm with the fast nearest-neighbor searching strategy to detect the attack is proposed. We apply the detection frame to DARPA Intrusion Detection Evaluation Dataset. It is shown that the network attacks are detected with relatively low false alarms and more efficiency. The performance of anomaly detection model is improved greatly.

UR - https://www.scopus.com/pages/publications/35048893936

U2 - 10.1007/978-3-540-30207-0_66

DO - 10.1007/978-3-540-30207-0_66

M3 - 章节

AN - SCOPUS:35048893936

SN - 3540235787

SN - 9783540235781

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 530

EP - 537

BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

A2 - Jin, Hai

A2 - Sun, Jianhua

A2 - Pan, Yi

A2 - Xiao, Nong

PB - Springer Verlag

ER -

Zheng J, Hu M, Fang B, Zhang H. Anomaly detection using fast SOFM. In Jin H, Sun J, Pan Y, Xiao N, editors, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Springer Verlag. 2004. p. 530-537. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-540-30207-0_66

Anomaly detection using fast SOFM

Abstract

Publication series

Access to Document

Other files and links

Fingerprint

Cite this