Aneetha.A.S., Revathi.S and Bose.S, Anna University, India

Detection of unexpected and emerging new threats has become a necessity for secured internet communication with absolute data confidentiality, integrity and availability. Design and development of such a detection system shall not only be new, accurate and fast but also effective in a dynamic environment encompassing the surrounding network. In this paper, an algorithm is proposed for anomaly detection through modifying the Self – Organizing Map (SOM), by including new neighbourhood updating rules and learning rate dynamically in order to overcome the fixed architecture and random weight vector assignment. The algorithm initially starts with null network and grows with the original data space as initial weight vectors. New nodes are created using distance threshold parameter and their neighbourhood is identified using connection strength. Employing learning rule, the weight vector updation is carried out for neighbourhood nodes. Performance of the new algorithm is evaluated for using standard bench mark dataset. The result is compared with other neural network methods, shows 98% detection rate and 2% false alarm rate.

Anomaly Detection, Learning Rate, Weight Vector, Neighbourhood Function