Due to the expansion of high-speed Internet access, the need for secure and reliable networks has become more critical. The sophistication
of network attacks, as well as their severity, has also increased recently. As such, more and more organizations are becoming
vulnerable to attack. The aim of this research is to classify network attacks using neural networks (NN), which leads to a higher detection
rate and a lower false alarm rate in a shorter time. This paper focuses on two classification types: a single class (normal, or attack),
and a multi class (normal, DoS, PRB, R2L, U2R), where the category of attack is also detected by the NN. Extensive analysis is conducted
in order to assess the translation of symbolic data, partitioning of the training data and the complexity of the architecture. This
paper investigates two engines; the first engine is the back-propagation neural network intrusion detection system (BPNNIDS) and the
second engine is the radial basis function neural network intrusion detection system (BPNNIDS).The two engines proposed in this
paper are tested against traditional and other machine learning algorithms using a common dataset: the DARPA 98 KDD99 benchmark
dataset from International Knowledge Discovery and Data Mining Tools. BPNNIDS shows a superior response compared to the other
techniques reported in literature especially in terms of response time, detection rate and false positive rate. |