This paper presents a novel approach for detecting network intrusions based on a competitive learning neural network. In the paper, the performance of this approach is compared to that of the self-organizing map (SOM), which is a popular unsupervised training algorithm used in intrusion detection. While obtaining a similarly accurate detection rate as the SOM does, the proposed approach uses only one forth of the computation time of the SOM. Furthermore, the clustering result of this method is independent of the number of the initial neurons. This approach also exhibits the ability to detect the known and unknown network attacks. The experimental results obtained by applying this approach to the KDD-99 data set demonstrate that the proposed approach performs exceptionally in terms of both accuracy and computation time. Keywords Network Security, Network Intrusion Detection, Data Mining, Artificial Neural Network, Competitive Learning.
John Zhong Lei, Ali A. Ghorbani