Accession Number : ADA632376


Title :   Neural Detection of Malicious Network Activities Using a New Direct Parsing and Feature Extraction Technique


Descriptive Note : Master's thesis


Corporate Author : NAVAL POSTGRADUATE SCHOOL MONTEREY CA CENTER FOR JOINT SERVICES ELECTRONIC WARFARE


Personal Author(s) : Low, Cheng H


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a632376.pdf


Report Date : Sep 2015


Pagination or Media Count : 75


Abstract : The aim of this thesis is to develop an intrusion detection system (IDS) software, which learns to detect and classify network attacks and intrusions through prior training data. With the added criteria of operating in real-time applications, ways of improving the efficiency of the IDS without sacrificing the probability of correct classification (PCC) are also considered. Knowledge Data and Discovery Cup 99 data is used to evaluate the IDS architecture. Two neural network (NN) architectures were designed and compared through simulation; the first architecture uses a single NN, while the second uses the merged output of three NNs in parallel. Results show that a three-parallel NN implementation has similar classification performance and a shorter training time than with a single NN implementation. PCC is on the order of 93% for denial-of-service attacks and 96% for normal traffic. The classification results for the R2L and U2R attacks are poor due to the lack of available training data.


Descriptors :   *COMPUTER PROGRAMS , *INTRUSION DETECTION(COMPUTERS) , ATTACK , CLASSIFICATION , EFFICIENCY , FEATURE EXTRACTION , NETWORK ARCHITECTURE , NEURAL NETS , REAL TIME , THESES


Subject Categories : Computer Programming and Software


Distribution Statement : APPROVED FOR PUBLIC RELEASE