Resumo:
The number of cyber attack is growing up more and more, because, the tools of
invasion is become more widely e easy to find and the vulnerabilities take a long time
to be corrected. For all this, the Intrusion Detection System has become a necessary
device in the most of network security system. The main objective is identifying
potential violations in security policy. The most Intrusion Detection System are based
on rules and need that tha database be update every time that a new attack is
discovered. However, this task is not too simple, since the rules are complicated and
require deep knowledge of the attack that we wish detect, further than will consume
important time of the system administrator, who should make the database update
frequently. If the intrusion detection system not be updated, this system become a
security flaw, because it will not report a invasion when the network be invaded by a
unknown attack. This work has the purpose of show the use of artificial neural
network for the problem of detection of those violations and newer attack pattern. For
this, was used a Multi_layer Perceptorn (MLP) network whit the intuit of recognize
network attack patterns, having whit database the Third International Knowledge
Discover and Data Mining Tools Competition. As this database possesss discrete
and continuous fields, the normalization of the 41 fields was necessary that
composes it to make possible its use in the training of the neural nets. It was opted to
the use of 4 neural nets, which had as objective to detect a type of attack, Remote to- Local, User-to - the Root, Probe and Of, beyond recognizing the standards of
normal traffic correctly. Excellent results in the use of neural nets in the recognition of
standards of attack had been gotten, with high rate of detection of the new attacks
and decreases taxes of false positives and false negatives, having a case where
100% of attack detention occur and 100% of detention of normal traffic.