A multi-layer perceptron approach for flow-based anomaly detection

Abstract

The increase in successful cyber-attacks on systems protected by firewalls and encryption techniques has led to the creation of Intrusion Detection Systems (IDS). Machine learning techniques are often used in these systems to predict malicious behaviour in vague and unbalanced data. A flow-based IDS monitors only the packet headers of the network traffic and not the attached data, both to keep up with the growing bandwidth of networks and to maintain the privacy of the users. In this context, a multilayer perceptron (MLP) approach is analysed on two different datasets and compared to a J48 Decision Tree classifier. The obtained results confirm that flow-based systems seem to be not only inevitable but also the right way for IDS in the future, and that MLP can still be useful in flow-based detection.
