Detecting attack signatures in the real network traffic with ANNIDA

作者:

Highlights:

摘要

In this paper, an improved version of ANNIDA for detecting attack signatures in the payload of network packets is presented. The Hamming Net artificial neural network methodology was used with good results. A review of the application’s development is followed by a summary of the modifications made in the application in order to classify real data. Application improvements are reported, solving the problems of time delays in writing/reading data in the files and data collision effects when generating numeric keys used to model data for the neural network. Test results highlight the increased accuracy and efficiency of the new application when submitted to real data from HTTP network traffic containing actual traces of attacks and legitimate data. Finally, an evaluation of the application to detect signatures in real network traffic data is presented.

论文关键词:Neural network application,Intelligent system,Intrusion detection application,Signature detection,Network security

论文评审过程:Available online 16 April 2007.

论文官网地址:https://doi.org/10.1016/j.eswa.2007.03.011