A Model for Anomaly Detection Using the Metaheuristic Methods

Authors: Sara Haj Ebrahimi, Amid Khatibi

Abstract: Today, detection of new threats has become a need for secured communication to provide complete data confidentiality, integrity and availability. The design and development of such an intrusion detection system in the communication world should not only be new, accurate and fast but also effective in an environment encompassing the surrounding network. In this paper, a new approach is proposed for network anomaly detection by combining neural network and clustering algorithms. We propose a modified Self-Organizing Map (SOM) algorithm which initially starts with a null network and grows with the original data space as the initial weight vector, updating neighborhood rules and learning rate dynamically in order to overcome the fixed architecture and random weight vector assignment of the simple SOM. New nodes are created using a distance threshold parameter, their neighborhood is identified using connection strength and its learning rule, and the weight vector update is carried out for neighborhood nodes. The Fuzzy k-means clustering algorithm is employed for grouping similar nodes of the modified SOM into k clusters using similarity measures. Performance of the new approach is evaluated on a standard benchmark dataset using performance metrics such as detection rate and false alarm rate. The result is compared with other individual neural network methods, and shows a considerable increase in the detection rate and a 1.5% false alarm rate.

Pages: 12-16

DOI: 10.46300/9102.2022.16.3

International Journal of Mathematics and Computers in Simulation, E-ISSN: 1998-0159, Volume 16, 2022, Art. #3