Back to Search Start Over

Network Anomaly Detection Based on Wavelet Fuzzy Neural Network with Modified QPSO.

Authors :
Ma, Ruhui
Liu, Yuan
Lin, Xing
Source :
International Journal of Distributed Sensor Networks. Jan/Feb2009, Vol. 5 Issue 1, p49-49. 1p.
Publication Year :
2009

Abstract

This paper proposes a novel network anomaly detection method employing wavelet fuzzy neural network (WFNN) to use modified Quantum-Behaved Particle Swarm Optimization (QPSO). In this paper, wavelet transform is applied to extract fault characteristics from the anomaly state. Fuzzy theory and neural network are employed to fuzzify the extracted information. Wavelet is then integrated with fuzzy neural network to form the wavelet fuzzy neural network (WFNN). The Quantum-Behaved Particle Swarm Optimization proposed by Jun Sun, which outperforms the other optimization algorithm considerably on its simple architecture and fast convergence, has previously applied to solve the optimum problem. However, the QPSO also has its own shortcomings. In QPSO if a particle flew off the boundary (the search area), the algorithm usually would regard the position value of the particle as the value of the boundary. If the boundary is at the position of local optimum, the particles were trapped into local optimum easily. It is impossible for them to arrive at the global optimum. With the increase of particle, the diversity of swam would be declined and the global search quality of the algorithm would be also declined. In the modified algorithm, it shows that the particles field off the boundary were distributed in the c*r and () search space. The diversity of swam and the global search quality would be enhanced. So there exists a modified QPSO which is employed to train WFNN in this paper. We have demonstrated performance comparisons to QPSO-WFNN, PSO-WFNN using the same data set extracts from the KDD99 Datasets, and the results have shown that the MQPSO-WFNN model exhibits superior performance with a higher attack detection rate and lower false positive rate. Experiments with KDD Cup 1999 connection traffic data have shown that this model is able to effectively detect intrusive behaviors. It also shows the remarkable ability of our IDS to detect new type of attacks. [ABSTRACT FROM AUTHOR]

Details

Language :
English
ISSN :
15501329
Volume :
5
Issue :
1
Database :
Academic Search Index
Journal :
International Journal of Distributed Sensor Networks
Publication Type :
Academic Journal
Accession number :
36281632
Full Text :
https://doi.org/10.1080/15501320802540488