A Three-Layer Architecture for Intelligent Intrusion Detection Using Deep Learning

  • Conference paper
Proceedings of Fifth International Congress on Information and Communication Technology

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 1184)

Abstract

Recently, an increasing number of machine learning algorithms have been used in network intrusion detection systems (NIDS) to detect abnormal behavior in the network. Many datasets, such as KDD CUP99 and NSL-KDD, were created to evaluate the performance of such models. However, with the increasing scale of data and the emergence of advanced attacks, conventional machine learning algorithms can hardly perform well. Fortunately, the development of deep learning provides a new direction for solving these problems. In this paper, in order to detect novel attacks in a network and improve detection efficiency, we propose a flexible framework based on a deep neural network (DNN). In our framework, we apply different feature reduction methods and activation functions to get the best performance. Moreover, by changing the hyper-parameters of the model, we select a better network structure. To evaluate our framework, we select ISCX 2012 and CICIDS 2017 as benchmarks and apply the proposed framework to these datasets. As a result, we observe a high accuracy rate and a low false alarm rate (FAR) for both binary and multi-class classification. Overall, our proposed framework is universal and useful for detecting zero-day attacks.

Author information

Corresponding author

Correspondence to Mohi-Ud-Din Ghulam.

Copyright information

© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Zhiqiang, L., Zhijun, L., Ting, G., Yucheng, S., Ghulam, MUD. (2021). A Three-Layer Architecture for Intelligent Intrusion Detection Using Deep Learning. In: Yang, XS., Sherratt, S., Dey, N., Joshi, A. (eds) Proceedings of Fifth International Congress on Information and Communication Technology. Advances in Intelligent Systems and Computing, vol 1184. Springer, Singapore. https://doi.org/10.1007/978-981-15-5859-7_24

  • DOI: https://doi.org/10.1007/978-981-15-5859-7_24

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-5858-0

  • Online ISBN: 978-981-15-5859-7

  • eBook Packages: Engineering, Engineering (R0)
