new Project : Intrusion Detection System

new Project : Intrusion Detection System

Post by Hussam Mous » Tue, 13 Feb 2001 04:30:20



we are working on a graduation project titled
"neural network based intrusion detection system"

we are basicly trying to create a system with human like skills for pattern
recognition , to supplement the widely available "rule-based IDS"
we will probably be building a hybrid between network based and host based
IDS, and we will be training our network to detect patterns that may seem
malicious or suspicious

I would really appreciate any help in pointing me to links, articles, or
previous projects
that could be relevant to our topic

also I would welcome any feedback from anybody who is interested in such a
project.

--
Best Regards
Hussam Mousa

 
 
 

new Project : Intrusion Detection System

Post by chryss2.. » Tue, 13 Feb 2001 20:25:29


  I have worked with neural nets during my university years. I was also
interested in other techniques, such as GP(genetic programming), that
perform comparably with NN in many problems. I would be interested in
helping you with your project, as well as trying to find an alternate
solution based on GP, and of comparing them.
  If you are interested, please write back.

  Chryss



> we are working on a graduation project titled
> "neural network based intrusion detection system"

> we are basicly trying to create a system with human like skills for
pattern
> recognition , to supplement the widely available "rule-based IDS"
> we will probably be building a hybrid between network based and host
based
> IDS, and we will be training our network to detect patterns that may
seem
> malicious or suspicious

> I would really appreciate any help in pointing me to links, articles,
or
> previous projects
> that could be relevant to our topic

> also I would welcome any feedback from anybody who is interested in
such a
> project.

> --
> Best Regards
> Hussam Mousa

Sent via Deja.com
http://www.deja.com/

 
 
 

new Project : Intrusion Detection System

Post by Paul Victor Birk » Tue, 13 Feb 2001 21:13:09



>   I have worked with neural nets during my university years. I was also
> interested in other techniques, such as GP(genetic programming), that
> perform comparably with NN in many problems.

********************
What problems?
GP Pattern Recognitio?
GP multivariable regression?

I never heard of these, Paul

 
 
 

new Project : Intrusion Detection System

Post by Paul Victor Birk » Tue, 13 Feb 2001 21:15:53



>   I have worked with neural nets during my university years. I was also
> interested in other techniques, such as GP(genetic programming), that
> perform comparably with NN in many problems.

********************
What problems?
GP Pattern Recognition?
GP multivariable regression?

I never heard of these, Paul

GP is a solution strategy, NNs are modelling strategies!

 
 
 

new Project : Intrusion Detection System

Post by Ichini » Wed, 14 Feb 2001 00:24:43


Hi.

http://www.securityfocus.com/library/977
http://www.securityfocus.com/library/2060

(You also may want to check out how anomaly detection
 (aka "initial profiling") for IDS's works.)

Regards,
Ichinin

Sent via Deja.com
http://www.deja.com/

 
 
 

new Project : Intrusion Detection System

Post by r1cca.. » Wed, 14 Feb 2001 07:38:31


I actually wonder to what degree one can use NN / cognitive rules to tame an
IDS.  Simple because IDS are still so static and cumbersome.  They need to be
fine tuned, and until this can be done, NN and a like will provide more
overload.

unless of course, there can be a solution for a distributed component that can
monitor active connections without limit.  256 T1's ??

More so, using the human decision processing scheme, it needs a rule set to
define what is permissable and what is not.  this rule set, must be static.
If one was to allow the rule set to increase dynamically, the firing of rules
and the decision process increases, further stressing the component.

There are many avenues a project like yours could work down, but consider
this.
your system is in a high profile company, maybe an ISP, and they have let your
system live in the wild.  With a rule set already constructed, the cognitive
process begin firing and it is decided upon that a certain protocol malformed
packet is refused, (it may not follow an RFC). However, the disconnection
causes a huge outage.

now, if the system is turned off, ruleset removed and turned on, what prevents
that rule set being constructed again, and fired?

Hmmmm.  Interesting project.


>we are working on a graduation project titled
>"neural network based intrusion detection system"

>we are basicly trying to create a system with human like skills for pattern
>recognition , to supplement the widely available "rule-based IDS"
>we will probably be building a hybrid between network based and host based
>IDS, and we will be training our network to detect patterns that may seem
>malicious or suspicious

>I would really appreciate any help in pointing me to links, articles, or
>previous projects
>that could be relevant to our topic

>also I would welcome any feedback from anybody who is interested in such a
>project.

>--
>Best Regards
>Hussam Mousa

 -----  Posted via NewsOne.Net: Free (anonymous) Usenet News via the Web  -----
  http://newsone.net/ -- Free reading and anonymous posting to 60,000+ groups
   NewsOne.Net prohibits users from posting spam.  If this or other posts

 
 
 

new Project : Intrusion Detection System

Post by Kenneth W Del Signor » Wed, 21 Feb 2001 02:56:38


There's a book titled
"Truth from Trash" (can't remember author)
that talks about pattern classification
using nns, and in particular it uses
intrusion detection as an example.
Ken
 
 
 

new Project : Intrusion Detection System

Post by Damien Chastrett » Thu, 08 Mar 2001 00:25:56


hi all,

I've been working with neural networks before The technology I used is called
Zisc, it is very efficient: http://www.silirec.com

Good luck.

Hussam Mousa a crit :

> we are working on a graduation project titled
> "neural network based intrusion detection system"

> we are basicly trying to create a system with human like skills for pattern
> recognition , to supplement the widely available "rule-based IDS"
> we will probably be building a hybrid between network based and host based
> IDS, and we will be training our network to detect patterns that may seem
> malicious or suspicious

> I would really appreciate any help in pointing me to links, articles, or
> previous projects
> that could be relevant to our topic

> also I would welcome any feedback from anybody who is interested in such a
> project.

> --
> Best Regards
> Hussam Mousa

  damien.chastrette.vcf
< 1K Download
 
 
 

1. new Project : Intrusion Detection System

we are working on a graduation project titled
"neural network based intrusion detection system"

we are basicly trying to create a system with human like skills for pattern
recognition , to supplement the widely available "rule-based IDS"
we will probably be building a hybrid between network based and host based
IDS, and we will be training our network to detect patterns that may seem
malicious or suspicious

I would really appreciate any help in pointing me to links, articles, or
previous projects
that could be relevant to our topic

also I would welcome any feedback from anybody who is interested in such a
project.

--
Best Regards
Hussam Mousa

2. Yet more M$ arrogance

3. New network intrusion detection system for Linux (GPL)

4. AWE 64 awedrv and modprobe problem

5. New kind of security tool for Intrusion Detection

6. Move a partition up

7. New Article in the Intrusion Detection Focus Area: Analyzing IDS Data

8. 'at' under Linux ?

9. Intrusion Detection Systems: An Introduction

10. SPECTER Intrusion Detection System

11. Intrusion Detection System.

12. System intrusion detection, primarily on linux servers with a handful of others