Recurrent nonsymmetric deep auto encoder approach for network intrusion detection system
Tóm tắt
An important part of network security is a network intrusion detection system (NIDS). In the face of the need for new networks, there are issues regarding the feasibility of traditional approaches. More directly, these difficulties are connected to the increasing degrees of human contact required and the diminishing levels of detection precision. A new deep learning intrusion detection approach is presented in this research to overcome these problems. The recurrent non-symmetric deep autoencoder we've suggested for learning unsupervised features is described here (RNDAE). A new deep learning classification model based on LightGBM RNDAEs is also shown. NSL-KDD, CICIDS2017, and CSECICIDS2018 datasets were used to evaluate our proposed classifier in TensorFlow. If our model holds up, it has the potential to be used in the latest generation of network intrusion detection systems (NIDS).
Từ khóa
#Deep learning #Anomaly detection #Autoencoders #NSLKDD #CICIDS #Network securityTài liệu tham khảo
[1] N. Shone T.N. Ngoc V.D. Phai Q. Shi A deep learning approach to network intrusion detection IEEE Transactions on Emerging Topics in Computational Intelligence 2 1 2018 41 50 10.1109/TETCI.2017.2772792 N. Shone, T. N. Ngoc, V. D. Phai, and Q. Shi, "A Deep Learning Approach to Network Intrusion Detection," IEEE Transactions on Emerging Topics in Computational Intelligence, vol. 2, no. 1, pp. 41-50, 2018, DOI: 10.1109/TETCI.2017.2772792.
[2] H.L.Y. Bengio P. Lamblin D. Popovici Greedy layer-wise training of deep networks Proceedings of the Advances in Neural Information Processing Systems 2007 10.7551/mitpress/7503.003.0024 H. L. Y. Bengio, P. Lamblin, D. Popovici, "Greedy Layer-Wise Training of Deep Networks," in Proceedings of the Advances in Neural Information Processing Systems, 2007. DOI: 10.7551/mitpress/7503.003.0024.
[3] D.P. Kingma M. Welling Auto-encoding variational bayes Accessed: Apr. 11, 2021. [Online]. Available: https://arxiv.org/abs/1312.6114v10 Dec. 2014 D. P. Kingma and M. Welling, "Auto-encoding variational bayes," Dec. 2014. Accessed: Apr. 11, 2021. [Online]. Available: https://arxiv.org/abs/1312.6114v10
[4] S. Shaukat Intrusion Detection and Attack Classification Leveraging Machine Learning Technique Proceedings of the 2020 14th International Conference on Innovations in Information Technology Nov. 2020 IIT 2020 198 202 10.1109/IIT50501.2020.9299093 S. Shaukat et al., "Intrusion Detection and Attack Classification Leveraging Machine Learning Technique," Proceedings of the 2020 14th International Conference on Innovations in Information Technology, IIT 2020, pp. 198-202, Nov. 2020, DOI: 10.1109/IIT50501.2020.9299093.
[5] R.R. Reddy Effective Discriminant Function for Intrusion Detection Using SVM 2016 1148 1153 R. R. Reddy, "Effective Discriminant Function for Intrusion Detection Using SVM," pp. 1148-1153, 2016.
null
[7] J. Coronel Gaviro A. Boukhamla CICIDS2017 dataset: performance improvements and validation as a robust intrusion detection system testbed Int. J. Inf. Comput. Secur. 1 1 2021 1 10.1504/IJICS.2021.10039325 J. Coronel Gaviro and A. Boukhamla, "CICIDS2017 Dataset: Performance Improvements and Validation as a Robust Intrusion Detection System Testbed," International Journal of Information and Computer Security, vol. 1, no. 1, p. 1, 2021, DOI: 10.1504/IJICS.2021.10039325.
[8] N. Farnaaz M.A. Jabbar Random forest modeling for network intrusion detection system Procedia - Procedia Computer Science 89 2016 213 217 10.1016/j.procs.2016.06.047 N. Farnaaz and M. A. Jabbar, "Random Forest Modeling for Network Intrusion Detection System," Procedia - Procedia Computer Science, vol. 89, pp. 213-217, 2016, DOI: 10.1016/j.procs.2016.06.047.
[9] NSL-KDD | Datasets | Research | Canadian Institute for Cybersecurity | UNB https://www.unb.ca/cic/datasets/nsl.html NSL-KDD | Datasets | Research | Canadian Institute for Cybersecurity | UNB." https://www.unb.ca/cic/datasets/nsl.html (accessed Apr. 11, 2021).
[10] IDS 2017 | Datasets | Research | Canadian Institute for Cybersecurity | UNB https://www.unb.ca/cic/datasets/ids-2017.html IDS 2017 | Datasets | Research | Canadian Institute for Cybersecurity | UNB." https://www.unb.ca/cic/datasets/ids-2017.html (accessed Aug. 05, 2021).
[11] IDS 2018 | Datasets | Research | Canadian Institute for Cybersecurity | UNB https://www.unb.ca/cic/datasets/ids-2018.html “IDS 2018 | Datasets | Research | Canadian Institute for Cybersecurity | UNB.” https://www.unb.ca/cic/datasets/ids-2018.html (accessed May 30, 2022).
[12] G. Zhao C. Zhang L. Zheng Intrusion Detection Using Deep Belief Network and Probabilistic Neural Network 2017 10.1109/CSE-EUC.2017.119 G. Zhao, C. Zhang, and L. Zheng, "Intrusion detection using deep belief network and probabilistic neural network," 2017. DOI: 10.1109/CSE-EUC.2017.119.
[13] HACKMAGEDDON – Information Security Timelines and Statistics https://www.hackmageddon.com/ HACKMAGEDDON - Information Security Timelines and Statistics." https://www.hackmageddon.com/ (accessed May 30, 2022).
[14] B.A. Pratomo Unsupervised Approach for Detecting Low Rate Attacks on Network Traffic with Autoencoder International Conference on Cyber Security and Protection of Digital Services 2018 Cyber Security) 1 8 B. A. Pratomo, "Unsupervised Approach for Detecting Low Rate Attacks on Network Traffic with Autoencoder," 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), pp. 1-8.
null
[16] Y. Deng Y. Jiao B.L. Lu Driver Sleepiness Detection Using LSTM Neural Network Security and Communication Networks 2017 10.1155/2017/4184196 Y. Deng, Y. Jiao, and B. L. Lu, "Driver sleepiness detection using LSTM neural network," in rs," Security and Communication Networks, 2017, DOI: 10.1155/2017/4184196.
[17] H. Karimipour A. Dehghantanha R.M. Parizi K.K.R. Choo H. Leung A Deep and Scalable Unsupervised Machine Learning System for Cyber-Attack Detection in Large-Scale Smart Grids IEEE Access 2019 10.1109/ACCESS.2019.2920326 H. Karimipour, A. Dehghantanha, R. M. Parizi, K. K. R. Choo, and H. Leung, "A Deep and Scalable Unsupervised Machine Learning System for Cyber-Attack Detection in Large-Scale Smart Grids," IEEE Access, 2019, DOI: 10.1109/ACCESS.2019.2920326.
[18] M.E. Aminanto R. Choi H.C. Tanuwidjaja P.D. Yoo K. Kim "Deep abstraction and weighted feature selection for Wi-Fi impersonation detection IEEE Transactions on Information Forensics and Security 13 3 2017 621 636 10.1109/TIFS.2017.2762828 Oct. M. E. Aminanto, R. Choi, H. C. Tanuwidjaja, P. D. Yoo, and K. Kim, "Deep abstraction and weighted feature selection for Wi-Fi impersonation detection," IEEE Transactions on Information Forensics and Security, vol. 13, no. 3, pp. 621-636, Oct. 2017, DOI: 10.1109/TIFS.2017.2762828.
[19] Y. Yu J. Long Z. Cai Network Intrusion Detection through Stacking Dilated Convolutional Autoencoders Security and Communication Networks 2017 10.1155/2017/4184196 Y. Yu, J. Long, and Z. Cai, "Network Intrusion Detection through Stacking Dilated Convolutional Autoencoders," Security and Communication Networks, 2017, DOI: 10.1155/2017/4184196.
[20] F. Salo A.B. Nassif A. Essex Dimensionality reduction with IG-PCA an ensemble classifier for network intrusion detection Comput. Network. 148 Jan. 2019 164 175 10.1016/J.COMNET.2018.11.010 F. Salo, A. B. Nassif, and A. Essex, "Dimensionality reduction with IG-PCA an ensemble classifier for network intrusion detection," Computer Networks, vol. 148, pp. 164-175, Jan. 2019, DOI 10.1016/J.COMNET.2018.11.010.
[21] J. Malik A. Akhunzada I. Bibi M. Imran A. Musaddiq S.W. Kim Hybrid deep learning: an efficient reconnaissance and surveillance detection mechanism in SDN IEEE Access 8 2020 134695 134706 10.1109/ACCESS.2020.3009849 J. Malik, A. Akhunzada, I. Bibi, M. Imran, A. Musaddiq, and S. W. Kim, "Hybrid Deep Learning: An Efficient Reconnaissance and Surveillance Detection Mechanism in SDN," IEEE Access, vol. 8, pp. 134695-134706, 2020, DOI: 10.1109/ACCESS.2020.3009849.
[22] H. Jaeger H. Haas Harnessing nonlinearity: predicting chaotic systems and saving energy in wireless communication Science 1979 10.1126/science.1091277 2004 H. Jaeger and H. Haas, "Harnessing Nonlinearity: Predicting Chaotic Systems and Saving Energy in Wireless Communication," Science (1979), 2004, DOI: 10.1126/science.1091277.
[23] F. Farahnakian J. Heikkonen A Deep Auto-Encoder Based Approach for an Intrusion Detection System International Conference on Advanced Communication Technology 2018 ICACT 178 183 10.23919/ICACT.2018.8323688 2018-Febru F. Farahnakian and J. Heikkonen, "A deep auto-encoder based approach for an intrusion detection system," International Conference on Advanced Communication Technology, ICACT, vol. 2018-Febru, pp. 178-183, 2018, DOI: 10.23919/ICACT.2018.8323688.
null
[25] A. Taylor S. Leblanc N. Japkowicz Anomaly Detection in Automobile Control Network Data with Long Short-Term Memory Networks 2016 10.1109/DSAA.2016.20 A. Taylor, S. Leblanc, and N. Japkowicz, "Anomaly detection in automobile control network data with long short-term memory networks," 2016. DOI: 10.1109/DSAA.2016.20.
null
[27] R. Singh H. Kumar R.K. Singla An intrusion detection system using network traffic profiling and online sequential extreme learning machine Expert Syst. Appl. 2015 10.1016/j.eswa.2015.07.015 R. Singh, H. Kumar, and R. K. Singla, "An intrusion detection system using network traffic profiling and online sequential extreme learning machine," Expert Systems With Applications, 2015, DOI: 10.1016/j.eswa.2015.07.015.
[28] M. Ring S. Wunderlich D. Scheuring D. Landes A. Hotho A survey of network-based intrusion detection data sets Comput. Secur. 2019 10.1016/j.cose.2019.06.005 M. Ring, S. Wunderlich, D. Scheuring, D. Landes, and A. Hotho, "A survey of network-based intrusion detection data sets," Computers and Security. 2019. DOI: 10.1016/j.cose.2019.06.005.
[29] A.L. Buczak E. Guven A survey of data mining and machine learning methods for cyber security intrusion detection IEEE Commun. Surv. Tutorials, 2016 10.1109/COMST.2015.2494502 A. L. Buczak and E. Guven, "A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection," IEEE Communications Surveys and Tutorials, 2016, DOI: 10.1109/COMST.2015.2494502.
[30] B.B. Zarpelão R.S. Miani C.T. Kawakani S.C. de Alvarenga A survey of intrusion detection in Internet of Things J. Netw. Comput. Appl. 2017 10.1016/j.jnca.2017.02.009 B. B. Zarpelao, R. S. Miani, C. T. Kawakani, and S. C. de Alvarenga, "A survey of intrusion detection in Internet of Things," Journal of Network and Computer Applications. 2017. DOI: 10.1016/j.jnca.2017.02.009.
[31] A. Milenkoski M. Vieira S. Kounev A. Avritzer B.D. Payne Evaluating computer intrusion detection systems: a survey of common practices ACM Comput. Surv. 2015 10.1145/2808691 A. Milenkoski, M. Vieira, S. Kounev, A. Avritzer, and B. D. Payne, "Evaluating computer intrusion detection systems: A survey of common practices," ACM Computing Surveys, 2015, DOI: 10.1145/2808691.
[32] B. Deore S. Bhosale A decisive approach to intrusion detection system using machine learning model WEENTECH Proceedings in Energy Mar. 2021 143 154 10.32438/WPE.152021 B. Deore and S. Bhosale, "A decisive approach to intrusion detection system using machine learning model," WEENTECH Proceedings in Energy, pp. 143-154, Mar. 2021, DOI: 10.32438/WPE.152021.
[33] A. Javaid Q. Niyaz W. Sun M. Alam A deep learning approach for network intrusion detection system Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies (formerly BIONETICS) 2016 10.4108/eai.3-12-2015.2262516 A. Javaid, Q. Niyaz, W. Sun, and M. Alam, "A Deep Learning Approach for Network Intrusion Detection System," Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies (formerly BIONETICS), 2016, DOI: 10.4108/eai.3-12-2015.2262516.