Optimization of Neural Networks for Network Intrusion Detection

Abstract

41 higher-level derived features were presented by Stolfo et al that help in distinguishing normal connections from attacks. Numerous researchers employed these features to study the utilization of machine learning for intrusion detection and reported detection rates up to 91% with false positive rates less than 1%. Unfortunately, with these 41 derived features as inputs, IDS systems take long time to converge when training and work slowly during on-line detections. We reduced the number of inputs while keeping IDS systems high detection rates. After simulation, analysis and experiment, we reduce the input number to 18, get a “best” architecture, i.e. 18-36-1, of BP neural network for IDS systems. Furthermore, we find an appropriate training function, i.e. trainbfg, for our “best” architecture.

7 Figures and Tables

Cite this paper

@article{Wang2009OptimizationON, title={Optimization of Neural Networks for Network Intrusion Detection}, author={Huiran Wang and Ruifang Ma}, journal={2009 First International Workshop on Education Technology and Computer Science}, year={2009}, volume={1}, pages={418-420} }