This paper describes results concerning the robustness and generalization capabilities of artificial neural networks in detecting intrusions using network audit trails. Through a variety of comparative experiments, it is found that neural network performs the best for intrusion detection. Feature selection is as important for intrusion detection as it is for many other problems. We present our work of identifying intrusion and normal pertinent features and evaluating the applicability of these features in detecting intrusions. We also present different feature selection methods for intrusion detection. It is demonstrated that, with appropriately chosen features, intrusions can be detected in real time or near real time.
展开▼