Skip to main content
SpringerLink
Log in

Effective network intrusion detection by addressing class imbalance with deep neural networks multimedia tools and applications

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

The Intrusion Detection System plays a significant role in discovering malicious activities and provides better network security solutions than other conventional defense techniques such as firewalls. With the aid of machine learning-based techniques, such systems can detect attacks more accurately by identifying the relevant data patterns. However, the nature of network data, time-varying environment, and unknown occurrence of attacks made the learning task very complex. We propose a deep neural network that utilizes the classifier-level class imbalance solution to solve this problem effectively. Initially, the network data is preprocessed through data conversion followed by the min-max normalization method. Then, normalized data is fed to neural network where the cross-entropy function is modified to address the class imbalance problem. It is achieved by weighting the classes while training the classifier. The extensive experiments are performed on two challenging datasets, namely NSL-KDD and UNSW-NB15, to establish the superiority of the proposed approach. It includes comparisons with commonly employed imbalance approaches such as under-sampling, over-sampling, and bagging as well as existing works. The proposed approach attains 85.56% and 90.76% classification accuracy on NSL-KDD and UNSW-NB15 datasets, respectively. These outcomes outperformed data-level imbalance methods and existing works that validate the need to incorporate class imbalance for network traffic categorization.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.

Similar content being viewed by others

References

  1. Aldwairi T, Perera D, Novotny MA (2018) An evaluation of the performance of Restricted Boltzmann Machines as a model for anomaly network intrusion detection. Comput Networks 144:111–119

    Article  Google Scholar 

  2. Aleesa AM, Younis M, Mohammed AA, Sahar N (2021) Deep-Intrusion Detection System with Enhanced Unsw-Nb15 Dataset Based on Deep Learning Techniques. J Eng Sci Technol 16(1):711–727

    Google Scholar 

  3. Almi’ani M, Ghazleh AA, Al-Rahayfeh A, Razaque A (2018) Intelligent intrusion detection system using clustered self organized map,” in 2018 Fifth international conference on software defined systems (SDS), pp. 138–144.

  4. Al-Qatf M, Lasheng Y, Al-Habib M, Al-Sabahi K (2018) Deep learning approach combining sparse autoencoder with SVM for network intrusion detection. IEEE Access 6:52843–52856

    Article  Google Scholar 

  5. Alsaadi HS, Hedjam R, Touzene A, Abdessalem A (2020) Fast Binary Network Intrusion Detection based on Matched Filter Optimization, in 2020 IEEE International Conference on Informatics, IoT, and Enabling Technologies (ICIoT), pp. 195–199

  6. Ashfaq RAR, Wang X-Z, Huang JZ, Abbas H, He Y-L (2017) Fuzziness based semi-supervised learning approach for intrusion detection system. Inf Sci (Ny) 378:484–497

    Article  Google Scholar 

  7. Ashiku L, Dagli C (2021) Network Intrusion Detection System using Deep Learning. Procedia Comput Sci 185:239–247

    Article  Google Scholar 

  8. Buda M, Maki A, Mazurowski MA (2018) A systematic study of the class imbalance problem in convolutional neural networks. Neural Networks 106:249–259

    Article  Google Scholar 

  9. Çavusoglu Ü (2019) A new hybrid approach for intrusion detection using machine learning methods. Appl Intell 49(7):2735–2761

    Article  Google Scholar 

  10. Clevert D-A, Unterthiner T, Hochreiter S (2015) Fast and accurate deep network learning by exponential linear units (elus),” arXiv Prepr. arXiv1511.07289

  11. Collobert R, Weston J (2008) A unified architecture for natural language processing: Deep neural networks with multitask learning,” in Proceedings of the 25th international conference on Machine learning, pp. 160–167

  12. Ding S, Wang G (2017) Research on intrusion detection technology based on deep learning,” in 2017 3rd IEEE International Conference on Computer and Communications (ICCC), pp. 1474–1478

  13. Dong R-H, Li X-Y, Zhang Q-Y, Yuan H (2019) Network intrusion detection model based on multivariate correlation analysis--long short-time memory network. IET Inf Secur 14(2):166–174

    Article  Google Scholar 

  14. Gao J, Chai S, Zhang C, Zhang B, Cui L (2019) A Novel Intrusion Detection System based on Extreme Machine Learning and Multi-Voting Technology. Chinese Control Conference (CCC) 2019:8909–8914

    Article  Google Scholar 

  15. Garcia-Teodoro P, Diaz-Verdejo J, Maciá-Fernández G, Vázquez E (2009) Anomaly-based network intrusion detection: Techniques, systems and challenges. Comput Secur 28(1–2):18–28

    Article  Google Scholar 

  16. Garg S et al (2020) En-ABC: An ensemble artificial bee colony based anomaly detection scheme for cloud environment. J Parallel Distrib Comput 135:219–233

    Article  Google Scholar 

  17. Glorot X, Bengio Y (2010) Understanding the difficulty of training deep feedforward neural networks, in Proceedings of the thirteenth international conference on artificial intelligence and statistics, pp. 249–256

  18. Graves A, Mohamed A, Hinton G (2013) Speech recognition with deep recurrent neural networks,” in 2013 IEEE international conference on acoustics, speech and signal processing, pp. 6645–6649

  19. Hagan MT, Demuth HB, Beale M (1997) Neural network design. PWS Publishing Co

  20. Hardt M, Recht B, Singer Y (2016) “Train faster, generalize better: Stability of stochastic gradient descent,” in International Conference on Machine Learning, pp. 1225–1234

  21. He K, Zhang X, Ren S, Sun J (2016) Deep residual learning for image recognition, in Proceedings of the IEEE conference on computer vision and pattern recognition, pp. 770–778

  22. Hinton G et al (2012) Deep neural networks for acoustic modeling in speech recognition: The shared views of four research groups. IEEE Signal Process Mag 29(6):82–97

    Article  Google Scholar 

  23. Ibrahim LM, Basheer DT, Mahmod MS (2013) A comparison study for intrusion database (Kdd99, Nsl-Kdd) based on self organization map (SOM) artificial neural network. J Eng Sci Technol 8(1):107–119

    Google Scholar 

  24. Ieracitano C, Adeel A, Morabito FC, Hussain A (2020) A novel statistical analysis and autoencoder driven intelligent intrusion detection approach. Neurocomputing 387:51–62

    Article  Google Scholar 

  25. Ingre B, Yadav A (2015) Performance analysis of NSL-KDD dataset using ANN, in 2015 international conference on signal processing and communication engineering systems, pp. 92–96

  26. Injadat M, Moubayed A, Nassif AB, Shami A (2020) Multi-stage optimized machine learning framework for network intrusion detection. IEEE Trans Netw Serv Manag

  27. Jiang K, Wang W, Wang A, Wu H (2020) Network intrusion detection combined hybrid sampling with deep hierarchical network. IEEE Access 8:32464–32476

    Article  Google Scholar 

  28. Kalchbrenner N, Grefenstette E, Blunsom P (2014) A convolutional neural network for modelling sentences,” arXiv Prepr. arXiv1404.2188

  29. Kasongo SM, Sun Y (2020) A deep learning method with wrapper based feature extraction for wireless intrusion detection system. Comput Secur 92:101752

    Article  Google Scholar 

  30. Kasongo SM, Sun Y (2020) Performance Analysis of Intrusion Detection Systems Using a Feature Selection Method on the UNSW-NB15 Dataset. J Big Data 7(1):1–20

    Article  Google Scholar 

  31. Kaur T, Malhotra V, Singh D (2014) Comparison of network security tools-firewall, intrusion detection system and Honeypot. Int J Enhanc Res Sci Technol Eng 200204

  32. Khan MA (2021) HCRNNIDS: Hybrid Convolutional Recurrent Neural Network-Based Network Intrusion Detection System. Processes 9(5):834

    Article  Google Scholar 

  33. Khan FA, Gumaei A, Derhab A, Hussain A (2019) A novel two-stage deep learning model for efficient network intrusion detection. IEEE Access 7:30373–30385

    Article  Google Scholar 

  34. Khraisat A, Gondal I, Vamplew P, Kamruzzaman J, Alazab A (2020) Hybrid intrusion detection system based on the stacking ensemble of c5 decision tree classifier and one class support vector machine. Electronics 9(1):173

    Article  Google Scholar 

  35. Kim J, Shin N, Jo SY, Kim SH (2017) Method of intrusion detection using deep neural network. IEEE Int Conference Big Data Smart Comput (BigComp) 2017:313–316

    Google Scholar 

  36. King G, Zeng L (2001) Logistic regression in rare events data. Polit Anal 9(2):137–163

    Article  Google Scholar 

  37. Kingma DP, Ba J (2014) Adam: A method for stochastic optimization, arXiv Prepr. arXiv1412.6980

  38. Krizhevsky A, Sutskever I, Hinton GE (2012) Imagenet classification with deep convolutional neural networks. Adv Neural Inf Process Syst 25:1097–1105

    Google Scholar 

  39. Krömer P, Platoš J, Snášel V, Abraham A (2011) Fuzzy classification by evolutionary algorithms,” in 2011 IEEE International Conference on Systems, Man, and Cybernetics, pp. 313–318

  40. LeCun Y, Bengio Y, Hinton G (2015) Deep learning. Nature 521(7553):436–444

    Article  Google Scholar 

  41. Lee H et al (2019) An explainable deep-learning algorithm for the detection of acute intracranial haemorrhage from small datasets. Nat Biomed Eng 3(3):173–182

    Article  Google Scholar 

  42. Li Z, Qin Z, Huang K, Yang X, Ye S (2017) Intrusion detection using convolutional neural networks for representation learning, in International conference on neural information processing, pp. 858–866.

  43. Liao H-J, Lin C-HR, Lin Y-C, Tung K-Y (2013) Intrusion detection system: A comprehensive review. J Netw Comput Appl 36(1):16–24

    Article  Google Scholar 

  44. Liu Z et al (2011) A method of SVM with normalization in intrusion detection. Procedia Environ Sci 11:256–262

    Article  Google Scholar 

  45. Maas AL, Hannun AY, Ng AY (2013) Rectifier nonlinearities improve neural network acoustic models. Proc icml 30(1):3

    Google Scholar 

  46. Man J, Sun G (2021) A Residual Learning-Based Network Intrusion Detection System,” Secur. Commun. Networks, vol. 2021

  47. Manda B, Bhaskare P, Muthuganapathy R (2021) A Convolutional Neural Network Approach to the Classification of Engineering Models. IEEE Access 9:22711–22723

    Article  Google Scholar 

  48. Mebawondu JO, Alowolodu OD, Mebawondu JO, Adetunmbi AO (2020) Network intrusion detection system using supervised learning paradigm. Sci. African 9:e00497

    Article  Google Scholar 

  49. Mighan SN, Kahani M (2021) A novel scalable intrusion detection system based on deep learning. Int J Inf Secur 20(3):387–403

    Article  Google Scholar 

  50. Mohammadi M, Raahemi B, Akbari A, Nassersharif B (2012) New class-dependent feature transformation for intrusion detection systems. Secur Commun networks 5(12):1296–1311

    Article  Google Scholar 

  51. Moukhafi M, El Yassini K, Bri S, Oufaska K (2018) Artificial neural network optimized by genetic algorithm for intrusion detection system,” in International Conference on Advanced Intelligent Systems for Sustainable Development, pp 393–404

  52. Mulyanto M, Faisal M, Prakosa SW, Leu J-S (2021) Effectiveness of Focal Loss for Minority Classification in Network Intrusion Detection Systems. Symmetry (Basel) 13(1):4

    Article  Google Scholar 

  53. Nair V, Hinton GE (2010) Rectified linear units improve restricted boltzmann machines

  54. Nguyen S-N, Nguyen V-Q, Choi J, Kim K (2018) Design and implementation of intrusion detection system using convolutional neural network for DoS detection,” in Proceedings of the 2nd international conference on machine learning and soft computing, pp. 34–38

  55. Nskh P, Varma MN, Naik RR (2016) Principle component analysis based intrusion detection system using support vector machine, in 2016 IEEE International Conference on Recent Trends in Electronics, Information \& Communication Technology (RTEICT), pp. 1344–1350

  56. Patel A, Taghavi M, Bakhtiyari K, Júnior JC (2013) An intrusion detection and prevention system in cloud computing: A systematic review. J Netw Comput Appl 36(1):25–41

    Article  Google Scholar 

  57. Paulauskas N, Auskalnis J (2017) Analysis of data pre-processing influence on intrusion detection using NSL-KDD dataset, in 2017 open conference of electrical, electronic and information sciences (eStream), pp. 1–5

  58. Peng P, Zhang W, Zhang Y, Xu Y, Wang H, Zhang H (2020) Cost sensitive active learning using bidirectional gated recurrent neural networks for imbalanced fault diagnosis. Neurocomputing 407:232–245

    Article  Google Scholar 

  59. Pervez MS, Farid DM (2014) Feature selection and intrusion classification in NSL-KDD cup 99 dataset employing SVMs,” in The 8th International Conference on Software, Knowledge, Information Management and Applications (SKIMA 2014), pp. 1–6.

  60. Priyadarsini PI (2021) ABC-BSRF: Artificial Bee Colony and Borderline-SMOTE RF Algorithm for Intrusion Detection System on Data Imbalanced Problem,” in Proceedings of International Conference on Computational Intelligence and Data Engineering: ICCIDE 2020, pp. 15–29

  61. Rani M, Gagandeep (2019) A Review of Intrusion Detection System in Cloud Computing

  62. Rani M, et al. (2021) Employing Artificial Bee Colony Algorithm for Feature Selection in Intrusion Detection System,” in 2021 8th International Conference on Computing for Sustainable Global Development (INDIACom), pp 496–500

  63. Rawat S, Srinivasan A, Ravi V, Ghosh U Intrusion detection systems using classical machine learning techniques vs integrated unsupervised feature learning and deep neural network. Internet Technol. Lett, p. e232

  64. Sethi K, Kumar R, Prajapati N, Bera P (2020) Deep Reinforcement Learning based Intrusion Detection System for Cloud Infrastructure,” in 2020 International Conference on COMmunication Systems & NETworkS (COMSNETS), pp. 1–6

  65. Singh D, Singh B (2019) Investigating the impact of data normalization on classification performance, Appl Soft Comput, p. 105524

  66. Su T, Sun H, Zhu J, Wang S, Li Y (2020) BAT: Deep learning methods on network intrusion detection using NSL-KDD dataset. IEEE Access 8:29575–29585

    Article  Google Scholar 

  67. Tan X et al (2019) Wireless sensor networks intrusion detection based on SMOTE and the random forest algorithm. Sensors 19(1):203

    Article  Google Scholar 

  68. Tao W, Honghui F, HongJin Z, CongZhe Y, HongYan Z, XianZhen H (2021) Intrusion Detection System Combined Enhanced Random Forest With Smote Algorithm

  69. Tavallaee M, Bagheri E, Lu W, Ghorbani AA (2009) A detailed analysis of the KDD CUP 99 data set,” in 2009 IEEE symposium on computational intelligence for security and defense applications, pp. 1–6

  70. Tchakoucht TA, Ezziyyani M (2018) Multilayered Echo-State Machine: A Novel architecture for efficient intrusion detection. IEEE Access 6:72458–72468

    Article  Google Scholar 

  71. Thabtah F, Hammoud S, Kamalov F, Gonsalves A (2020) Data imbalance in classification: Experimental evaluation. Inf Sci (Ny) 513:429–441

    Article  MathSciNet  Google Scholar 

  72. Umar MA, Zhanfang C (2020) Effects of Feature Selection and Normalization on Network Intrusion Detection

  73. Umar MA, Zhanfang C, Liu Y (2020) Network Intrusion Detection Using Wrapper-based Decision Tree for Feature Selection, in Proceedings of the 2020 International Conference on Internet Computing for Science and Engineering, pp. 5–13

  74. Verma AK, Kaushik P, Shrivastava G (2019) A Network Intrusion Detection Approach Using Variant of Convolution Neural Network, in 2019 International Conference on Communication and Electronics Systems (ICCES), pp. 409–416

  75. Vinayakumar R, Alazab M, Soman KP, Poornachandran P, Al-Nemrat A, Venkatraman S (2019) Deep learning approach for intelligent intrusion detection system. IEEE Access 7:41525–41550

    Article  Google Scholar 

  76. Wang Y, Shen Y, Zhang G (2016) Research on intrusion detection model using ensemble learning methods,” in 2016 7th IEEE International Conference on Software Engineering and Service Science (ICSESS), , pp. 422–425

  77. Wu K, Chen Z, Li W (2018) A novel intrusion detection model for a massive network using convolutional neural networks. Ieee Access 6:50850–50859

    Article  Google Scholar 

  78. Wu Y, Lee WW, Xu Z, Ni M (2020) Large-scale and robust intrusion detection model combining improved deep belief network with feature-weighted SVM. IEEE Access 8:98600–98611

    Article  Google Scholar 

  79. Wu Y, Lee WW, Gong X, Wang H (2020) A Hybrid Intrusion Detection Model Combining SAE with Kernel Approximation in Internet of Things. Sensors 20(19):5710

    Article  Google Scholar 

  80. Xu B, Wang N, Chen T, Li M (2015) Empirical evaluation of rectified activations in convolutional network,” arXiv Prepr. arXiv1505.00853

  81. Xu J, Li Z, Du B, Zhang M, Liu J (2020) Reluplex made more practical: Leaky ReLU,” in 2020 IEEE Symposium on Computers and Communications (ISCC), pp. 1–7

  82. Yeung D-Y, Ding Y (2003) Host-based intrusion detection using dynamic and static behavioral models. Pattern Recognit 36(1):229–243

    Article  MATH  Google Scholar 

  83. Yin C, Zhu Y, Fei J, He X (2017) A deep learning approach for intrusion detection using recurrent neural networks. Ieee Access 5:21954–21961

    Article  Google Scholar 

  84. Yousefi-Azar M, Varadharajan V, Hamey L, Tupakula U (2017) Autoencoder-based feature learning for cyber security applications. Int Joint Conference Neural Networks (IJCNN) 2017:3854–3861

    Google Scholar 

  85. Zhang C, Ruan F, Yin L, Chen X, Zhai L, Liu F (2019) A deep learning approach for network intrusion detection based on NSL-KDD dataset,” in 2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification (ASID), pp. 41–45

  86. Zwane S, Tarwireyi P, Adigun M (2018) Performance Analysis of Machine Learning Classifiers for Intrusion Detection. Int Conference Intell Innov Comput Applic (ICONIC) 2018:1–5

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Punjabi University, Patiala, 147002, India

    Manisha Rani &  Gagandeep

Authors
  1. Manisha Rani
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Gagandeep
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Manisha Rani.

Ethics declarations

Conflict of interests

The authors declare no conflict of interest.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Rani, M., Gagandeep Effective network intrusion detection by addressing class imbalance with deep neural networks multimedia tools and applications. Multimed Tools Appl 81, 8499–8518 (2022). https://doi.org/10.1007/s11042-021-11747-6

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-021-11747-6

Keywords

Search

Navigation