An Intrusion Detection Method Based on Self-Organizing Map (General Presentations B, Self-Organizing Maps)

Abstract

In this article, we introduce a method of intrusion detection based on self-organizing maps (SOM). As learning cost, we made input vectors from Snort, an open source intrusion detection system (IDS) whose detection rules are kept as signature files. There are two approaches in IDS: Misuse Intrusion Detection (MID) and Anomaly Intrusion Detection (AID). We tested whether our method can detect distributed denial of service (DDoS) attacks that MID cannot detect. The result is that it cannot detect all of them, but it can detect variants of known attacks. The maps are therefore usable for detecting unknown attacks, especially DDoS. We will implement our method in Snort or other software and verify its detection behavior.

Journal

Proceedings of the Annual Conference of Biomedical Fuzzy Systems Association : BMFSA (21), 34-35, 2008-10-11

Biomedical Fuzzy Systems Association

Codes

  • NII Article ID (NAID) :
    110008136448
  • NII NACSIS-CAT ID (NCID) :
    AA12495176
  • Text Lang :
    JPN
  • Databases :
    NII-ELS