Deep Learning Based Hybrid Intrusion Detection Systems to Protect Satellite Networks

Journal of Network and Systems Management - Tập 31 - Trang 1-31 - 2023
Ahmad Taher Azar1,2,3, Esraa Shehab4,5, Ahmed M. Mattar6, Ibrahim A. Hameed7, Shaimaa Ahmed Elsaid5
1College of Computer and Information Sciences, Prince Sultan University, Riyadh, Saudi Arabia
2Automated Systems & Soft Computing Lab (ASSCL), Prince Sultan University, Riyadh, Saudi Arabia
3Faculty of Computers and Artificial Intelligence, Benha University, Benha, Egypt
4Department of Electrical Engineering, Computer Engineering and Systems Program, Badr University in Cairo (BUC), Cairo, Egypt
5Electronics and Communications Department, Faculty of Engineering, Zagazig University, Zagazig, Egypt
6Department of Computer Engineering and Artificial Intelligence, Military Technical College, Cairo, Egypt
7Department of ICT and Natural Sciences, Norwegian University of Science and Technology, Alesund, Norway

Tóm tắt

Despite the fact that satellite-terrestrial systems have advantages such as high throughput, low latency, and low energy consumption, as well as low exposure to physical threats and natural disasters and cost-effective global coverage, their integration exposes both of them to particular security challenges that can arise due to the migration of security challenges from one to another. Intrusion Detection Systems (IDS) can also be used to provide a high level of protection for modern network environments such as satellite-terrestrial integrated networks (STINs). To optimize the detection performance of malicious activities in network traffic, four hybrid intrusion detection systems for satellite-terrestrial communication systems (SAT-IDSs) are proposed in this paper. All the proposed systems exploit the sequential forward feature selection (SFS) method based on random forest (RF) to select important features from the dataset that increase relevance and reduce complexity and then combine them with a machine learning (ML) or deep learning (DL) model; Random Forest (RF), Long Short-Term memory (LSTM), Artificial Neural Networks (ANN), and Gated Recurrent Unit (GRU). Two datasets—STIN, which simulates satellite networks, and UNSW-NB15, which simulates terrestrial networks—were used to evaluate the performance of the proposed SAT-IDSs. The experimental results indicate that selecting significant and crucial features produced by RF-SFS vastly improves detection accuracy and computational efficiency. In the first dataset (STIN), the proposed hybrid ML system SFS-RF achieved an accuracy of 90.5% after using 10 selected features, compared to 85.41% when using the whole dataset. Furthermore, the RF-SFS-GRU model achieved the highest performance of the three proposed hybrid DL-based SAT-IDS with an accuracy of 87% after using 10 selected features, compared to 79% when using the entire dataset. In the second dataset (UNSW-NB15), the proposed hybrid ML system SFS-RF achieved an accuracy of 78.52% after using 10 selected features, compared to 75.4% when using the whole dataset. The model with the highest accuracy of the three proposed hybrid DL-based SAT-IDS was the RF-SFS-GRU model. It achieved an accuracy of 79% after using 10 selected features, compared to 74% when using the whole dataset.

Tài liệu tham khảo

Rath, M., Mishra, S.: Security approaches in machine learning for satellite communication. In: Machine Learning and Data Mining in Aerospace Technology, pp. 189–204 (2020) Li, K., Zhou, H., Tu, Z., Wang, W., Zhang, H.: Distributed network intrusion detection system in satellite-terrestrial integrated networks using federated learning. IEEE Access 8, 214852–214865 (2020) Nguyen, N.T., Chang, C.C.: A biometric-based authenticated key agreement protocol for user-to-user communications in mobile satellite networks. Wirel. Pers. Commun. 107(4), 1727–1758 (2019) Magdy, M.E., et al.: Anomaly-based intrusion detection system based on Feature selection and Majority Voting. Indones. J. Electr. Eng. Comput. Sci. (2023). https://doi.org/10.11591/ijeecs.v30.i3.pp1699-1706 Ashraf, I., Narra, M., Umer, M., Majeed, R., Sadiq, S., Javaid, F., Rasool, N.: A deep learning-based smart framework for cyber-physical and satellite system security threats detection. Electronics 11(4), 667 (2022) Elsaid, S.A., Albatati, N.S.: An optimized collaborative intrusion detection system for wireless sensor networks. Soft Comput. 24(16), 12553–12567 (2020) Elsayed, R., Hamada, R., Hammoudeh, M., Abdalla, M., Elsaid, S.A.: A hierarchical deep learning-based intrusion detection architecture for clustered Internet of Things. J. Sens. Actuator Netw. 12(1), 3 (2022) Vinayakumar, R., Alazab, M., Soman, K.P., Poornachandran, P., Al-Nemrat, A., Venkatraman, S.: Deep learning approach for intelligent intrusion detection system. IEEE Access 7, 41525–41550 (2019) Ahmed, L.A.H., Hamad, Y.A.M.: Machine learning techniques for network-based intrusion detection system: a survey paper. In: National Computing Colleges Conference (NCCC). IEEE, 2021. Eshakagdy, M., Matter, A.H.M.E.D., Hussin, S., Hassan, D., Elsaid, S.: A Comparative study of intrusion detection systems applied to NSL-KDD Dataset. Egypt. Int. J. Eng. Sci. Technol. (2022). https://doi.org/10.21608/eijest.2022.137441.1156 Stiawan, D., Idris, M.Y.B., Bamhdi, A.M., Budiarto, R.: CICIDS-2017 dataset feature analysis with information gain for anomaly detection. IEEE Access 8, 132911–132921 (2020) Maseer, Z.K., Yusof, R., Bahaman, N., Mostafa, S.A., Foozy, C.F.M.: Benchmarking of machine learning for anomaly based intrusion detection systems in the CICIDS2017 dataset. IEEE Access 9, 22351–22370 (2021) Shrestha, R., Omidkar, A., Roudi, S.A., Abbas, R., Kim, S.: Machine-learning-enabled intrusion detection system for cellular connected UAV networks. Electronics 10(13), 1549 (2021) Jiang, K., Wang, W., Wang, A., Wu, H.: Network intrusion detection combined hybrid sampling with deep hierarchical network. IEEE Access 8, 32464–32476 (2020) Ahmad, I., et al.: An efficient network intrusion detection and classification system. Mathematics 10(3), 530 (2022) Chandrashekar, G., Sahin, F.: A survey on feature selection methods. Comput. Electr. Eng. 40(1), 16–28 (2014) Kasongo, S.M., Sun, Y.: Performance analysis of intrusion detection systems using a feature selection method on the UNSW-NB15 dataset. J. Big Data 7, 1–20 (2020) Assis, M.V., Carvalho, L.F., Lloret, J., Proença, M.L., Jr.: A GRU deep learning system against attacks in software defined networks. J. Netw. Comput. Appl. 177, 102942 (2021) Thakkar, A., Lohiya, R.: Attack classification using feature selection techniques: a comparative study. J. Ambient. Intell. Humaniz. Comput. 12, 1249–1266 (2021) Gaur, V., Kumar, R.: Analysis of machine learning classifiers for early detection of DDoS attacks on IoT devices. Arab. J. Sci. Eng. 47(2), 1353–1374 (2022) Moustafa, N., Slay, J.: UNSW-NB15. A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: 2015 Military Communications and Information Systems Conference (MilCIS), November 2015, pp. 1–6. IEEE. Li, M., Zhang, W., Hu, B., Kang, J., Wang, Y., Lu, S.: Automatic assessment of depression and anxiety through encoding pupil-wave from HCI in VR scenes. ACM Trans. Multimedia Comput. Commun. Appl. (2022). https://doi.org/10.1145/3513263 Song, Y., Zhao, G., Zhang, B., Chen, H., Deng, W., Deng, W.: An enhanced distributed differential evolution algorithm for portfolio optimization problems. Eng. Appl. Artif. Intell. 121, 106004 (2023) Zhou, X., Cai, X., Zhang, H., Zhang, Z., Jin, T., Chen, H., Deng, W.: Multi-strategy competitive-cooperative co-evolutionary algorithm and its application. Inf. Sci. 635, 328–344 (2023) Chaganti, R., Suliman, W., Ravi, V., Dua, A.: Deep learning approach for SDN-enabled intrusion detection system in IoT networks. Information 14(1), 41 (2023) Henry, A., Gautam, S., Khanna, S., Rabie, K., Shongwe, T., Bhattacharya, P., Sharma, B., Chowdhury, S.: Composition of hybrid deep learning model and feature optimization for intrusion detection system. Sensors 23(2), 890 (2023) Mijalkovic, J., Spognardi, A.: Reducing the false negative rate in deep learning based network intrusion detection systems. Algorithms 15(8), 258 (2022) Sahu, S.K., Mohapatra, D.P., Rout, J.K., Sahoo, K.S., Pham, Q.V., Dao, N.N.: A LSTM-FCNN based multi-class intrusion detection using scalable framework. Comput. Electr. Eng. 99, 107720 (2022) An, P., Wang, Z., Zhang, C.: Ensemble unsupervised autoencoders and Gaussian mixture model for cyberattack detection. Inf. Process. Manag. 59(2), 102844 (2022) Tonkal, Ö., Polat, H., Başaran, E., Cömert, Z., Kocaoğlu, R.: Machine learning approach equipped with neighbourhood component analysis for DDoS attack detection in software-defined networking. Electronics 10(11), 1227 (2021) Yin, Y., Jang-Jaccard, J., Xu, W., Singh, A., Zhu, J., Sabrina, F., Kwak, J.: IGRF-RFE: A hybrid feature selection method for MLP-based network intrusion detection on UNSW-NB15 Dataset. J. Big Data 10(1), 1–26 (2023) Subba, B., Biswas, S., Karmakar, S.: A neural network based system for intrusion detection and attack classification. In: 2016 Twenty Second National Conference on Communication (NCC), IEEE, March 2016, pp. 1–6 Muhuri, P.S., Chatterjee, P., Yuan, X., Roy, K., Esterline, A.: Using a long short-term memory recurrent neural network (LSTM-RNN) to classify network attacks. Information 11(5), 243 (2020) Halbouni, A., Gunawan, T.S., Habaebi, M.H., Halbouni, M., Kartiwi, M., Ahmad, R.: CNN-LSTM: hybrid deep neural network for network intrusion detection system. IEEE Access 10, 99837–99849 (2022) Faker, O., Dogdu, E.: Intrusion detection using big data and deep learning techniques. In: Proceedings of the 2019 ACM Southeast Conference, April 2019, pp. 86–93. Aziz, A.S.A., Hassanien, A.E., Azar, A.T., Hanafy, S.E.: Genetic algorithm with different feature selection techniques for anomaly detectors generation. In: 2013 Federated Conference on Computer Science and Information Systems (FedCSIS), Kraków, Poland, 8–11 Sept 2013 (2013). Jothi, G., Inbarani, H.H., Azar, A.T., Devi, K.R.: Rough set theory with Jaya optimization for acute lymphoblastic leukemia classification. Neural Comput. Appl. 31(9), 5175–5194 (2019) Jothi, G., Inbarani, H.H., Azar, A.T.: Hybrid tolerance rough set: PSO based supervised feature selection for digital mammogram images. Int. J. Fuzzy Syst. Appl. 3(4), 15–30 (2013) Inbarani, H.H., Banu, P.K.N., Azar, A.T.: Feature selection using swarm-based relative reduct technique for fetal heart rate. Neural Comput. Appl. 25(3–4), 793–806 (2014). https://doi.org/10.1007/s00521-014-1552-x Khan, A.R., Saba, T., Khan, M.Z., Fati, S.M., Khan, M.U.G.: Classification of human’s activities from gesture recognition in live videos using deep learning. Concurr. Comput. Pract. Exp. (2022). https://doi.org/10.1002/cpe.6825 Rehman, A., Saba, T., Tariq, U., Noor, A.: Deep learning-based COVID-19 detection using CT and X-ray images: current analytics and comparisons. IT Prof. 23, 63–68 (2021). https://doi.org/10.1109/MITP.2020.3036820 Rehman, A., Sadad, T., Saba, T., Hussain, A., Tariq, U.: Real-time diagnosis system of COVID-19 using X-ray images and deep learning. IT Prof. 23, 57–62 (2021). https://doi.org/10.1109/MITP.2020.3042379 Saba, T., Khan, M.A., Rehman, A., Marie-Sainte, S.L.: Region extraction and classification of skin cancer: a heterogeneous framework of deep CNN Features fusion and reduction. J. Med. Syst. 43, 289:1-289:19 (2019). https://doi.org/10.1007/s10916-019-1413-3 Bisong, E.: Building Machine Learning and Deep Learning Models on Google Cloud Platform, pp. 59–64. Apress, Berkeley, CA (2019)
Thông tin
Thông tin xuất bản

Journal of Network and Systems Management

Tập 31

1-31

Thông tin tác giả