Implementation of Echostate Network in NIDS

摘要

Identifying instances of network attacks by comparing current activity against theexpected actions of an intruder has become an important. Most currentapproaches to misuse detection involve the use of rule-based expert systems toidentify indications of known attacks. Artificial neural networks provide thepotential to identify and classify network activity based on limited, incomplete,and nonlinear data sources. Transmission of data over the internet keeps onincreasing, which needs to protect connected systems also increasing. IntrusionDetection Systems (IDSs) are the latest technology used for this purpose.Although the field of IDSs is still developing, the systems that do exist are still notcomplete, in the sense that they are not able to detect all types of intrusions.Some attacks which are detected by various tools available today cannot bedetected by other products, depending on the types and methods that they arebuilt on. In this work, an artificial neural network using echo state networkalgorithm has been used to implement the IDS. This paper proposes anapproach to implement recurrent echo state network real time IDS. Twenty fourpacket information both normal and intrusion have been considered for training.Testing has been done with new sets of packet information. The result ofintrusion detection (ID) is very close to 90%. The topology of the echo statenetwork is (41 X 20 X 1). The network converged with 24 iterations. However,very huge amount of packets are to be evaluated to know the completeperformance of the developed system.