O'Reilly logo

Mobile Intelligence by Bala Srinivasan, Ling Tan, Jianhua Ma, Agustinus Borgy Waluyo, Laurence T. Yang

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

26.8 CENTRALIZED ATTACK DETECTION

Neural networks are known to be a very powerful tool in detecting anomalous network traffic in high-performance networks. One such class of neural networks that has been used extensively for intrusion detection and attack detection is the self-organising map (SOM). A SOM is a nonlinear, ordered, smooth mapping of high-dimensional input data manifolds onto the elements of a regular, low-dimensional array [20]. From an intrusion detection perspective, the resulting geometric map of neurons depicts patterns of actual network traffic flow. By constructing a lattice mapping of higher dimensional data, the SOM facilitates visualization and subsequent analysis of data required for detecting anomalies in network traffic. The SOM algorithm is topology preserving in nature, that is, input pattern vectors close to each other in terms of similarity are mapped on neurons of the map, which are in close proximity to each other [12]. This characteristic of the SOM neural network makes it more practical for accurate differentiation between normal and anomalous network behavior. Several SOM-based intrusion detection schemes have been proposed in Refs [11, 12]. In wireless sensor networks, self-organizing maps have been introduced for generation of optimal data-aggregation trees [13] and context classification [2].

images

Figure 26.5 SOM overlay on base station.

We propose ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required