Intrusion detection using emergent self-organizing maps
Paper in proceedings, 2006
In this paper, we analyze the potential of using Emergent Self-Organizing Maps (ESOMs) based on Kohonen Self -Organizing maps in order to detect intrusive behaviours. The proposed approach combines machine learning and information visualization techniques to analyze network traffic and is based on classifying "normal" versus "abnormal" traffic. The results are promising as they show the ability of eSOMs to classify normal against abnormal behaviour regarding false alarms and detection probabilities. © Springer-Verlag Berlin Heidelberg 2006.