{"title":"Attack Characterization and Intrusion Detection using an Ensemble of Self-Organizing Maps","authors":"L. DeLooze","doi":"10.1109/IAW.2006.1652084","DOIUrl":null,"url":null,"abstract":"Self-organized maps (SOM) use an unsupervised learning technique to independently organize a set of input patterns into various classes. In this paper, we use an ensemble of SOMs to identify computer attacks and characterize them appropriately using the major classes of computer attacks (denial of service, probe, user-to-root and remote-to-local). The procedure produces a set of confidence levels for each connection as a way to describe the connection's behavior","PeriodicalId":326306,"journal":{"name":"2006 IEEE Information Assurance Workshop","volume":"48 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-06-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"19","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 IEEE Information Assurance Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IAW.2006.1652084","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 19
Abstract
Self-organized maps (SOM) use an unsupervised learning technique to independently organize a set of input patterns into various classes. In this paper, we use an ensemble of SOMs to identify computer attacks and characterize them appropriately using the major classes of computer attacks (denial of service, probe, user-to-root and remote-to-local). The procedure produces a set of confidence levels for each connection as a way to describe the connection's behavior