Nowadays computer and network security has become a major cause of concern for experts community, due to the growing number of devices connected to the network. For this reason, optimizing the performance of systems able to detect intrusions (IDS - Intrusion Detection System) is a goal of common interest. This paper presents a methodology to classify hacking attacks taking advantage of the generalization property of neural networks. In particular, in this work we adopt the multilayer perceptron (MLP) model with the back-propagation algorithm and the sigmoidal activation function. We analyse the results obtained using different configurations for the neural network, varying the number of hidden layer sand the number of training epochs in order to obtaina low number of false positives. The obtained results will be presented in terms of type of attacks and training epochs and we will show that the best classification is carried out for DOS and Probe attacks. © Springer International Publishing AG 2018.
Using multilayer perceptron in computer security to improve intrusion detection / Amato, Flora; Cozzolino, Giovanni; Mazzeo, Antonino; Vivenzio, Emilio. - 76:(2018), pp. 210-219. [10.1007/978-3-319-59480-4_22]
Using multilayer perceptron in computer security to improve intrusion detection
Amato Flora;Cozzolino Giovanni;Mazzeo Antonino;VIVENZIO, EMILIO
2018
Abstract
Nowadays computer and network security has become a major cause of concern for experts community, due to the growing number of devices connected to the network. For this reason, optimizing the performance of systems able to detect intrusions (IDS - Intrusion Detection System) is a goal of common interest. This paper presents a methodology to classify hacking attacks taking advantage of the generalization property of neural networks. In particular, in this work we adopt the multilayer perceptron (MLP) model with the back-propagation algorithm and the sigmoidal activation function. We analyse the results obtained using different configurations for the neural network, varying the number of hidden layer sand the number of training epochs in order to obtaina low number of false positives. The obtained results will be presented in terms of type of attacks and training epochs and we will show that the best classification is carried out for DOS and Probe attacks. © Springer International Publishing AG 2018.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
