Metody i techniki sztucznej inteligencji
- L. Rutkowski
- PWN, Warszawa
Usually, Intrusion Detection Systems (IDS) work using two methods of identification of attacks: by signatures that are specific defined elements of the network traffic possible to identification and by anomalies being some deviations form of the network behavior assumed as normal. In the both cases one must pre-define the form of the signature (in the first case) and the network’s normal behavior (in the second one). In this paper we propose application of Neural Networks (NN) as a tool for application in IDS. Such a method makes possible utilization of the NN learning property to discover new attacks, so (after the training phase) we need not deliver attacks’ definitions to the IDS. In the paper, we study usability of several NN architectures to find the most suitable for the IDS application purposes.