Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Intrusion detection method based on incremental GHSOM (Growing Hierarchical Self-organizing Maps) neural network

A technology of intrusion detection and neural network, applied in the direction of neural learning method, biological neural network model, electrical components, etc., can solve the problems of inability to detect intrusion behavior in time, change with time, etc., to enhance maturity and reduce space The effect of consumption

Inactive Publication Date: 2012-11-21
PEKING UNIV
View PDF2 Cites 32 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in real intrusion detection network applications, attack types emerge in endlessly, so training samples containing all attack types are usually obtained gradually over time, and the internal information reflected by the training samples may change over time
If the algorithm has to retrain all the data every time it gets a new sample, it will inevitably increase the time complexity and space complexity of the algorithm, and it will not be able to detect new intrusion behaviors in time

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intrusion detection method based on incremental GHSOM (Growing Hierarchical Self-organizing Maps) neural network
  • Intrusion detection method based on incremental GHSOM (Growing Hierarchical Self-organizing Maps) neural network
  • Intrusion detection method based on incremental GHSOM (Growing Hierarchical Self-organizing Maps) neural network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] The present invention is described in further detail below in conjunction with accompanying drawing:

[0043] The intrusion detection system of the present invention consists of two parts: offline training of the neural network model and online detection based on the neural network model. The system collects offline sample data of known attack types from the network as the initial training sample data set for offline training, and starts online network intrusion detection after obtaining the intrusion detection model. The offline training process uses the traditional GHSOM neural network training algorithm to train the initial neural network model based on the initial training data set. During the online detection process, the GHSOM network model is dynamically updated during the detection process by running the incremental GHSOM neural network learning algorithm. Obviously, offline training is only to initialize the intrusion detection model, and the incremental GHSOM...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an intrusion detection method based on an incremental GHSOM (Growing Hierarchical Self-organizing Maps) neural network, and belongs to the technical field of network information safety. The method comprises the following steps: 1), acquiring network data online and inputting the network data to an intrusion detection module; 2), calculating a triumph nerve cell t capable of detecting a current vector quantity x by the intrusion detection module; 3), using t to detect x if t is a covering nerve cell and is of the same kind with t; otherwise, putting an unknown attack type tag on x and adding x into an incremental training set; 4), when t meets the expanding conditions, expanding a virtual nerve cell t' from the lower part of t and then expanding a new SOM (Self-organizing Maps) from t', and using an incremental training set It corresponding to t to carry out training; 5), searching a mature father nerve cell of a newly expanded SOM subnet, and if the mature father nerve cell exceeds the conditions for deleting an immature subnet, then training the immature neural network expanded dynamically again; and 6), judging the occurrence of the intrusion according to a detected result output by the intrusion detection module. The intrusion detection method can be used for timely detecting various intrusion behaviors, in particular to the newly emerging intrusion behaviors.

Description

technical field [0001] The invention relates to an intrusion detection method, in particular to an intrusion detection method based on an incremental growing hierarchical self-organizing map (Incremental Growing Hierarchical Self-organizing Maps, IGHSOM) neural network, belonging to the technical field of computer network information security. Background technique [0002] With the continuous expansion of computer network scale and the rapid development of network technology, computer network is closely related to people's daily life, and network security issues have also attracted people's attention. Especially in recent years, the frequency of hacker attacks, the speed of transmission, the extent of victims and the degree of damage have been increasing. How to ensure that personal information is not stolen, and how to resist attacks or attempts from outside the network and inside the system, has become a major issue in network security. An important topic that the industry...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06N3/08H04L29/06
Inventor 杨雅辉黄海珍沈晴霓吴中海夏敏阳时来
Owner PEKING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com