Date of Award
Master of Science in Computer Engineering - (M.S.)
Electrical and Computer Engineering
Constantine N. Manikopoulos
Yun Q. Shi
Attacks detection and visualization is the process of attempting to identify instances of network misuse by comparing current activity against the expected actions of an intruder. Most current approaches to attack detection involve the use of rule-based expert systems to identify indications of known attacks. However, these techniques are less successful in identifying attacks, which vary from expected patterns. Artificial neural networks provide the potential to identify and classify network activity based on limited, incomplete, and nonlinear data sources. Presenting an approach to the process of Attack visualization that utilizes the analytical strengths of neural networks, and providing the results from a preliminary analysis of the network parameters being watched like Internet Protocol (IP) packet length, packet traffic, IP byte traffic, IP packet rate, IP byte rate, User Datagram Protocol (UDP) packet length, UDP packet traffic, UDP byte traffic, UDP packet rate, UDP byte rate, Heart Beat (HB) End-to-end delay, and HB Packet loss rate. Beside collected attack data, numerical simulated data was generated using the neural network sigmoids with Matlab. The characteristics of the obtained data showed lots of similarities with the actual collected network data. Further work is continuing to obtain different attack data using the Opnet simulating program.
Rabie, Mohammad A., "Attack visualization for intrusion detection system" (2002). Theses. 679.