Abstract
Recently, the increasing number of machine learning algorithms has been used in network intrusion detection system (NIDS) to detect abnormal behaviors in the network. Many available datasets were created to evaluate the performance of the model, such as KDD CUP99 and NSL-KDD. However, with the increasing scale of data and the emergence of advanced attacks, conventional machine learning algorithms can hardly perform well. Fortunately, the development of deep learning provides new direction for solving these problems. In this paper, in order to detect novel attacks in a network and improve detection efficiency, we proposed a flexible framework based on deep neural network (DNN). In our framework, we apply different feature reduction methods and activation functions to get the best performance. Moreover, through changing hyper-parameter of the model, we select better network structure. To evaluate our framework, we select ISCX 2012 and CICIDS 2017 as a benchmark and apply the proposed framework to these datasets. As a result, we observe high accuracy rate and low FAR for both binary and multi-class classifications. Overall, our proposed framework is universal and useful for detecting zero-day attacks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Larson, D.: Distributed denial of service attacks-holding back the flood. Netw. Secur. 2016(3), 5–7 (2016)
Staudemeyer, R.C.: Applying long short-term memory recurrent neural networks to intrusion detection. South Afr. Comput. J. 56(1), 136–154 (2015)
Mishra, P., Varadharajan, V., Tupakula, U., Pilli, E.S.: A detailed investigation and analysis of using machine learning techniques for intrusion detection. IEEE Commun. Surveys Tuts. https://doi.org/10.1109/comst.2018.2847722 (to be published)
Potluri, Sasanka: Diedrich, Christian: Accelerated Deep Neural Networks for Enhanced Intrusion Detection System. IEEE Press, New York (2016)
Rahul Vigneswaran, K., et al.: Evaluating Shallow and Deep Neural Networks for Network Intrusion Detection Systems in Cyber Security. IEEE Press, India (2018)
Zhu, M., Ye, K., Xu, C.-Z.: Network anomaly detection and identification based on deep learning methods, pp. 219–234 (2018). https://doi.org/10.1007/978-3-319-94295-7_15
Naseer, Sheraz, et al.: Enhanced network anomaly detection based on deep neural networks. IEEE Access 6, 48231–48246 (2018)
Vinayakumar, R.: Deep learning approach for intelligent intrusion detection system, vol. 2019, pp. 41525–41550. https://doi.org/10.1109/ACCESS.2019.2895334
Ozgur, A., Erdem, H.: A review of KDD99 dataset usage in intrusion detection and machine learning between 2010 and 2015. PeerJ PrePrints 4(2016), Art. no. e1954
Sabhnani, M., Serpen, G.: Why machine learning algorithms fail in misuse detection on KDD intrusion detection data set. Intell. Data Anal. 8(4), 403–415 (2004)
Tang, M., Alazab, M., Luo, Y., Donlon, M.: Disclosure of cyber security vulnerabilities: time series modelling. Int. J. Electron. Secur. Digit. Forensics 10(3), 255–275 (2018)
Paxson, V.: Bro: A system for detecting network intruders in realtime. Comput. Netw. 31(23–24), 2435–2463 (1999). https://doi.org/10.1016/S1389-1286(99)00112-7
NSL-KDD dataset (2018). http://www.unb.ca/cic/datasets/nsl.html
Abadi, B., Barham, P., Chen, J., Chen, Z., Davis, A., Dean, J., Devin, M., Ghemawat, S., Irving, G., Isard, M., et al.: Tensorflow: a system for large-scale machine learning. OSDI 16, 265–283 (2016)
Koch, R., Golling, M.G., Rodosek, G.D.: Towards comparability of intrusion detection systems: new data sets. In: Proceedings of the TERENA Networking Conference, p. 7 (2017)
Sato, M., Yamaki, H., Takakura, H.: Unknown attacks detection using feature extraction from anomaly-based ids alerts. In: 2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet (SAINT), pp. 273–277 (2012)
McHugh, J.: Testing intrusion detection systems: a critique of the 1998 and 1999 Darpa intrusion detection system evaluations as performed by Lincoln laboratory. ACM Trans. Inf. Syst. Secur. 3(4), 262–294 (2000)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Zhiqiang, L., Zhijun, L., Ting, G., Yucheng, S., Ghulam, MUD. (2021). A Three-Layer Architecture for Intelligent Intrusion Detection Using Deep Learning. In: Yang, XS., Sherratt, S., Dey, N., Joshi, A. (eds) Proceedings of Fifth International Congress on Information and Communication Technology. Advances in Intelligent Systems and Computing, vol 1184. Springer, Singapore. https://doi.org/10.1007/978-981-15-5859-7_24
Download citation
DOI: https://doi.org/10.1007/978-981-15-5859-7_24
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-5858-0
Online ISBN: 978-981-15-5859-7
eBook Packages: EngineeringEngineering (R0)