z-logo
Premium
Cascaded hybrid intrusion detection model based on SOM and RBF neural networks
Author(s) -
Almiani Muder,
AbuGhazleh Alia,
AlRahayfeh Amer,
Razaque Abdul
Publication year - 2020
Publication title -
concurrency and computation: practice and experience
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.309
H-Index - 67
eISSN - 1532-0634
pISSN - 1532-0626
DOI - 10.1002/cpe.5233
Subject(s) - intrusion detection system , computer science , artificial neural network , data mining , radial basis function , artificial intelligence , process (computing) , filter (signal processing) , anomaly based intrusion detection system , reduction (mathematics) , sophistication , pattern recognition (psychology) , machine learning , mathematics , social science , geometry , sociology , computer vision , operating system
Summary Cybercriminal activities over computer network systems are considered one of the preponderant issues that humanity will face in the coming two decades. The development steps in the design of intrusion detection systems must be carried out in analogous manner to sophistication levels of intrusions developed by hackers. This work proposes a layered hybrid intrusion detection model uses cascaded layers of Clustered Self‐Organized Map (CSOM) and Radial Basis Function (RBF) neural networks to improve the efficiency of detecting frequent and least frequent intrusions. K‐means clustered SOM was used to filter attacks as a first layer, whereas RBF‐based neural network worked as second filtering and attacked classification layer leading to significance reduction in time required to process connection records and notable improvements in the performance of intrusion detection. A new balanced version of cleansed NSL‐KDD dataset was used to validate and evaluate the proposed model. Compared with other existing schemes; the proposed model shows high detection performance in terms of accuracy 97.73% and false positive rate as low as 0.023%. In particular, for detecting least and most harmful attacks, U2R and R2L, the system achieved detection rate of 88.6% with false positive rate of 0.016. Comparative results showed that CSOM‐RBF model is more suitable for real‐life implementation than other many existing state‐of‐the‐art intrusion detection models.

This content is not available in your region!

Continue researching here.

Having issues? You can contact us here