Back to Search
Start Over
Network Anomaly Detection Based on Wavelet Fuzzy Neural Network with Modified QPSO.
- Source :
-
International Journal of Distributed Sensor Networks . Jan/Feb2009, Vol. 5 Issue 1, p49-49. 1p. - Publication Year :
- 2009
-
Abstract
- This paper proposes a novel network anomaly detection method employing wavelet fuzzy neural network (WFNN) to use modified Quantum-Behaved Particle Swarm Optimization (QPSO). In this paper, wavelet transform is applied to extract fault characteristics from the anomaly state. Fuzzy theory and neural network are employed to fuzzify the extracted information. Wavelet is then integrated with fuzzy neural network to form the wavelet fuzzy neural network (WFNN). The Quantum-Behaved Particle Swarm Optimization proposed by Jun Sun, which outperforms the other optimization algorithm considerably on its simple architecture and fast convergence, has previously applied to solve the optimum problem. However, the QPSO also has its own shortcomings. In QPSO if a particle flew off the boundary (the search area), the algorithm usually would regard the position value of the particle as the value of the boundary. If the boundary is at the position of local optimum, the particles were trapped into local optimum easily. It is impossible for them to arrive at the global optimum. With the increase of particle, the diversity of swam would be declined and the global search quality of the algorithm would be also declined. In the modified algorithm, it shows that the particles field off the boundary were distributed in the c*r and () search space. The diversity of swam and the global search quality would be enhanced. So there exists a modified QPSO which is employed to train WFNN in this paper. We have demonstrated performance comparisons to QPSO-WFNN, PSO-WFNN using the same data set extracts from the KDD99 Datasets, and the results have shown that the MQPSO-WFNN model exhibits superior performance with a higher attack detection rate and lower false positive rate. Experiments with KDD Cup 1999 connection traffic data have shown that this model is able to effectively detect intrusive behaviors. It also shows the remarkable ability of our IDS to detect new type of attacks. [ABSTRACT FROM AUTHOR]
Details
- Language :
- English
- ISSN :
- 15501329
- Volume :
- 5
- Issue :
- 1
- Database :
- Academic Search Index
- Journal :
- International Journal of Distributed Sensor Networks
- Publication Type :
- Academic Journal
- Accession number :
- 36281632
- Full Text :
- https://doi.org/10.1080/15501320802540488