Combining Self-Organizing Map Algorithms for Robust and Scalable Intrusion Detection

AutorSahin Albayrak, Achim Müller, Christian Scheel , Dragan Milosevic
QuelleCIMCA'2005 & IAWTIC'2005 
LinksDownload   |   BibTeX 

In the field of intrusion detection systems, the aspect of anomaly detection is very important, and consequently there are many approaches that address these security issues. The usage of Self-Organizing Map (SOM) makes a foundation for some of these approaches, which consequently often have problems to cope with the requirements of huge nowadays networks. The proposed approach focuses on improving the usage of SOMs for anomaly detection, by combining the strengths of different SOM algorithms. The performed evaluations have shown the necessity of paying attention to different aspects, coming along with network nodes, to individually choose the best matching SOM for each node's anomaly detection.