Neural visualization of network traffic data for intrusion detection

This study introduces and describes a novel intrusion detection system (IDS) called MOVCIDS (mobile visualization connectionist IDS). This system applies neural projection architectures to detect anomalous situations taking place in a computer network. By its advanced visualization facilities, the proposed IDS allows providing an overview of the network traffic as well as identifying anomalous situations tackled by computer networks, responding to the challenges presented by volume, dynamics and diversity of the traffic, including novel (0-day) attacks. MOVCIDS provides a novel point of view in the field of IDSs by enabling the most interesting projections (based on the fourth order statistics; the kurtosis index) of a massive traffic dataset to be extracted. These projections are then depicted through a functional and mobile visualization interface, providing visual information of the internal structure of the traffic data. The interface makes MOVCIDS accessible from any mobile device to give more accessibility to network administrators, enabling continuous visualization, monitoring and supervision of computer networks. Additionally, a novel testing technique has been developed to evaluate MOVCIDS and other IDSs employing numerical datasets. To show the performance and validate the proposed IDS, it has been tested in different real domains containing several attacks and anomalous situations. In addition, the importance of the temporal dimension on intrusion detection, and the ability of this IDS to process it, are emphasized in this workJunta de Castilla and Leon project BU006A08, Business intelligence for production within the framework of the Instituto Tecnologico de Cas-tilla y Leon (ITCL) and the Agencia de Desarrollo Empresarial (ADE), and the Spanish Ministry of Education and Innovation project CIT-020000-2008-2. The authors would also like to thank the vehicle interior manufacturer, Grupo Antolin Ingenieria S. A., within the framework of the project MAGNO2008-1028-CENIT Project funded by the Spanish Government

MOVICAB-IDS: Visual Analysis of Network Traffic Data Streams for Intrusion Detection

MOVICAB-IDS enables the more interesting projections of a massive traffic data set to be analysed, thereby providing an overview of any possible anomalous situations taking place on a computer network. This IDS responds to the challenges presented by traffic volume and diversity. It is a connectionist agent-based model extended by means of a functional and mobile visualization interface. The IDS is designed to be more flexible, accessible and portable by running on a great variety of applications, including small mobile ones such as PDA’s, mobile phones or embedded devices. Furthermore, its effectiveness has been demonstrated in different tests

RT-MOVICAB-IDS: Addressing real-time intrusion detection

This study presents a novel Hybrid Intelligent Intrusion Detection System (IDS) known as RT-MOVICAB-IDS that incorporates temporal control. One of its main goals is to facilitate real-time Intrusion Detection, as accurate and swift responses are crucial in this field, especially if automatic abortion mechanisms are running. The formulation of this hybrid IDS combines Artificial Neural Networks (ANN) and Case-Based Reasoning (CBR) within a Multi-Agent System (MAS) to detect intrusions in dynamic computer networks. Temporal restrictions are imposed on this IDS, in order to perform real/execution time processing and assure system response predictability. Therefore, a dynamic real-time multi-agent architecture for IDS is proposed in this study, allowing the addition of predictable agents (both reactive and deliberative). In particular, two of the deliberative agents deployed in this system incorporate temporal-bounded CBR. This upgraded CBR is based on an anytime approximation, which allows the adaptation of this Artificial Intelligence paradigm to real-time requirements. Experimental results using real data sets are presented which validate the performance of this novel hybrid IDSMinisterio de Economía y Competitividad (TIN2010-21272-C02-01, TIN2009-13839-C03-01), Ministerio de Ciencia e Innovación (CIT-020000-2008-2, CIT-020000-2009-12

A Soft Computing System to Perform Face Milling Operations

In this paper we present a soft computing system developed to optimize the face milling operation under High Speed conditions in the manufacture of steel components like molds with deep cavities. This applied research presents a multidisciplinary study based on the application of neural projection models in conjunction with identification systems, in order to find the optimal operating conditions in this industrial issue. Sensors on a milling centre capture the data used in this industrial case study defined under the frame of a machine-tool that manufactures industrial tools. The presented model is based on a two-phase application. The first phase uses a neural projection model capable of determine if the data collected is informative enough. The second phase is focus on identifying a model for the face milling process based on low-order models such as Black Box ones. The whole system is capable of approximating the optimal form of the model. Finally, it is shown that the Box-Jenkins algorithm, which calculates the function of a linear system from its input and output samples, is the most appropriate model to control such industrial task for the case of steel tools

A Soft Computing System to Perform Face Milling Operations

In this paper we present a soft computing system developed to optimize the face milling operation under High Speed conditions in the manufacture of steel components like molds with deep cavities. This applied research presents a multidisciplinary study based on the application of neural projection models in conjunction with identification systems, in order to find the optimal operating conditions in this industrial issue. Sensors on a milling centre capture the data used in this industrial case study defined under the frame of a machine-tool that manufactures industrial tools. The presented model is based on a two-phase application. The first phase uses a neural projection model capable of determine if the data collected is informative enough. The second phase is focus on identifying a model for the face milling process based on low-order models such as Black Box ones. The whole system is capable of approximating the optimal form of the model. Finally, it is shown that the Box-Jenkins algorithm, which calculates the function of a linear system from its input and output samples, is the most appropriate model to control such industrial task for the case of steel tools

Incorporating Temporal Constraints in the Planning Task of a Hybrid Intelligent IDS

Accurate and swift responses are crucial to Intrusion Detection Systems (IDSs), especially if automatic abortion mechanisms are running. In keeping with this idea, this work presents an extension of a Hybrid Intelligent IDS characterized by incorporating temporal control to facilitate real-time processing. The hybrid intelligent -IDS has been conceived as a Hybrid Artificial Intelligent System to perform Intrusion Detection in dynamic computer networks. It combines Artificial Neural Networks and Case-based Reasoning within a multiagent system, in order to develop a more efficient computer network security architecture. Although this temporal issue was taken into account in the initial formulation of this hybrid IDS, in this upgraded version, temporal restrictions are imposed in order to perform real/execution time processing. Experimental results are presented which validate the performance of this upgraded version