Abstract

In the field of intrusion detection systems, the aspect of anomaly detection is very important, and consequently there are many approaches that address these security issues. The usage of Self-Organizing Map (SOM) makes a foundation for some of these approaches, which consequently often have problems to cope with the requirements of huge nowadays networks. The proposed approach focuses on improving the usage of SOMs for anomaly detection, by combining the strengths of different SOM algorithms. The performed evaluations have shown the necessity of paying attention to different aspects, coming along with network nodes, to individually choose the best matching SOM for each node's anomaly detection.

@inproceedings{albayrak05,
 author = {Sahin Albayrak and Christian Scheel and Dragan Milosevic and Achim Müller},
 title = {Combining Self-Organizing Map Algorithms for Robust and Scalable Intrusion Detection},
 booktitle = {CIMCA '05: Proceedings of the International Conference on Computational Intelligence for Modelling, Control and Automation and International Conference on Intelligent Agents, Web Technologies and Internet Commerce Vol-2 (CIMCA-IAWTIC'06)},
 year = {2005},
 isbn = {0-7695-2504-0-02},
 pages = {123--130},
 doi={http://ieeexplore.ieee.org/iel5/10869/34212/01631456.pdf},
 publisher = {IEEE Computer Society},
 address = {Washington, DC, USA},
 }