Yalei Ding
ABSTRACT
With the increment of cyber traffic, there is a growing demand for cyber security. How to accurately detect cyber intrusions is the hotspot of recent research. Traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, lacks reliability and accuracy. In this paper, we build an IDS model with deep learning methodology. Instead of the traditional machine learning used in previous researches, we think deep learning has the potential to perform better in extracting features of massive data considering the massive cyber traffic in real life. Therefore, we propose to train an IDS model based on Convolution Neural Networks (CNN), a typical deep learning method, using entire NSL-KDD dataset. We study the performance of the model using multi class classification to compare with the performance of traditional machine learning methods including Random Forest (RF) and Support Vector Machine (SVM), and deep learning methods including Deep Belief Network (DBN) and Long Short Term Memory (LSTM). The experimental results show that the performance of our IDS model is superior to the performance of models based on traditional machine learning methods and novel deep learning methods in multi-class classification. Our model improves the accuracy of the intrusion detection and provides a new research direction for intrusion detection.
- SANS Institute.(2018, Oct.) The History and Evolution of Intrusion Detection. {Online}.Available: https://www.sans.org/reading-room/whitepapers/detection/history-evolution-intrusion-detection-344.Google Scholar
- Sarkar T, Das N. Survey on Host and Network Based Intrusion Detection System{J}. 2014, 6(2):2266--2269.Google Scholar
- Yin C, Zhu Y, Fei J, et al. A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks{J}. IEEE Access, 2017, 5(99):21954--21961.Google ScholarCross Ref
- MLecun Y, Bengio Y, Hinton G. Deep learning{J}. Nature, 2015, 521(7553):436.Google ScholarCross Ref
- Schmidhuber J. Deep Learning in neural networks: An overview.{J}. Neural Netw, 2015, 61:85--117. Google ScholarDigital Library
- Javaid A, Niyaz Q, Sun W, et al. A Deep Learning Approach for Network Intrusion Detection System{C}// Eai International Conference on Bio-Inspired Information and Communications Technologies. ICST, 2016:21--26. Google ScholarDigital Library
- Kuang F, Xu W, Zhang S. A novel hybrid KPCA and SVM with GA model for intrusion detection{J}. Applied Soft Computing Journal, 2014, 18(C):178--184. Google ScholarDigital Library
- Li W, Yi P, Wu Y, et al. A New Intrusion Detection System Based on KNN Classification Algorithm in Wireless Sensor Network{J}. Journal of Electrical and Computer Engineering, 2014, 2014(5):1--8.Google Scholar
- Ingre B, Yadav A. Performance analysis of NSL-KDD dataset using ANN{C}// International Conference on Signal Processing and Communication Engineering Systems. IEEE, 2015:92--96.Google Scholar
- Farnaaz N, Jabbar M A. Random Forest Modeling for Network Intrusion Detection System{J}. Procedia Computer Science, 2016, 89:213--217.Google ScholarCross Ref
- Buczak A L, Guven E. A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection{J}. IEEE Communications Surveys and Tutorials, 2017, 18(2):1153--1176.Google ScholarCross Ref
- Qu F, Zhang J, Shao Z, et al. An Intrusion Detection Model Based on Deep Belief Network{C}// Vi International Conference. 2017:97--101. Google ScholarDigital Library
- Kim J, Kim J, Thu H L T, et al. Long Short Term Memory Recurrent Neural Network Classifier for Intrusion Detection{C}// International Conference on Platform Technology and Service. IEEE, 2016:1--5.Google Scholar
- Abolhasanzadeh B. Nonlinear dimensionality reduction for intrusion detection using auto-encoder bottleneck features{C}// Information and Knowledge Technology. IEEE, 2015:1--5.Google Scholar
- Fiore U, Palmieri F, Castiglione A, et al. Network anomaly detection with the restricted Boltzmann machine{J}. Neurocomputing, 2013, 122:13--23. Google ScholarDigital Library
- Gibiansky A.(2018, Oct.) Convolutional Neural Networks{Online}. Available: http://andrew.gibiansky.com/blog/machine-learning/convolutional-neural-networks/.Google Scholar
- Y. LeCun.(2018, Oct.) Learning Invariant feature Hierarchies, 2012. {Online}. Available: http://yann.lecun.com/exdb/publis/pdf/lecun-eccv-12.pdf. Google ScholarDigital Library
- (2018, Oct.) KDD Cup 1999. {Online}. Available: http://kdd.ics.uci.edu/databases/kddcup99/.Google Scholar
- Paulauskas N, Auskalnis J. Analysis of data pre-processing influence on intrusion detection using NSL-KDD dataset{C}// Electrical, Electronic and Information Sciences. IEEE, 2017:1--5.Google Scholar
- Shone N, Ngoc T N, Phai V D, et al. A Deep Learning Approach to Network Intrusion Detection{J}. IEEE Transactions on Emerging Topics in Computational Intelligence, 2018, 2(1):41--50.Google ScholarCross Ref
- Naseer S, Saleem Y, Khalid S, et al. Enhanced Network Anomaly Detection Based on Deep Neural Networks{J}. IEEE Access, 2018, PP(99):1--1.Google ScholarCross Ref
Index Terms
- Intrusion Detection System for NSL-KDD Dataset Using Convolutional Neural Networks
Recommendations
Intrusion Detection Using Convolutional Neural Networks for Representation Learning
Neural Information ProcessingAbstractThe intrusion detection based on deep learning method has been widely attempted for representation learning. However, in various deep learning models for intrusion detection, there is rarely convolutional neural networks (CNN) model. In this work, ...
A Convolutional Neural Network With Feature Selection-Based Network Intrusion Detection
This paper attempts to provide a demonstration the importance of the feature selection (FS) in the data mining filed for the optimization. The author’s aim to develop a Convolutional Neural Network (CNN) based Network Intrusion Detection System (NIDS)...
A comparative simulation of normalization methods for machine learning-based intrusion detection systems using KDD Cup’99 dataset
Network Intrusion detection systems (NIDS) detect malicious and intrusive information in computer networks. Presently, commercial NIDS is based on machine learning approaches that have complex algorithms and increase intrusion detection efficiency and ...
Comments