Due to the increase of high-speed Internet access, the need for secure and reliable networks is more critical. Sophistication of network attacks as well as their severity has also increased recently, so more and more organizations are becoming vulnerable to potential attacks. The aim of our research is to classify the network attacks using neural networks (NN) which leads to a higher detection rate in less time. This study focuses on two classification types of records: a single class (normal, or attack), and a multi class (normal, DoS, PRB, R2L, U2R), where the category of attack is also detected by the NN. Extensive analysis is conducted in order to assess the translation of the symbolic data, the partitioning of training data and the complexity of the architecture. The back-propagation neural network intrusion detection system (BPNNIDS) proposed in this paper is tested against traditional and other machine learning algorithms using common data set: the DARPA 98 KDD99 benchmark data set from the International Knowledge Discovery and Data Mining Tools [4]. It shows superior response compared to other techniques reported in literature especially regarding time and human interaction. |
