
Network Intrusion Detection Based on Neural Networks and D-S Evidence

  • Chunlin Lu
  • Lidong Zhai
  • Tao Liu
  • Na Li
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9555)

Abstract

Network traffic data is an important source of data for building a network intrusion detection system (NIDS). The explosive growth of network traffic data poses a huge challenge to network intrusion detection, and video traffic packets have become an important part of network traffic. In recent years, more and more research has applied Artificial Neural Networks (ANNs), especially the back-propagation (BP) neural network, to improve the performance of intrusion detection systems. However, with current network intrusion detection methods, the detection precision (especially for low-frequency attacks), the detection stability and the training time still need to be improved. In this paper, a new model, based on a BP neural network optimized by a genetic algorithm and on Dempster-Shafer (D-S) theory, is proposed to solve the above problems and help NIDS achieve a higher detection rate, a lower false positive rate and stronger stability. The general process of our model is as follows. First, the main extracted features are divided into several different feature subsets. Then, based on the different feature subsets, different ANN models are trained to build the detection engine. Finally, D-S evidence theory is employed to integrate these results and obtain the final result. The effectiveness of this method is verified by experimental simulation using the KDD Cup 1999 dataset.
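As an added illustration (not code from the paper), the final fusion step described in the abstract can be sketched with Dempster's rule of combination over the outputs of several per-subset detectors. The mapping from detector scores to mass functions through a reliability discount, the sample scores, and all function names are assumptions; this page does not give the paper's own mass assignment.

```python
from functools import reduce

# Frame of discernment: the five KDD Cup 1999 traffic categories.
CLASSES = frozenset({"normal", "dos", "probe", "r2l", "u2r"})

def to_mass(scores, reliability):
    """Turn one detector's class scores into a mass function (assumed mapping):
    singletons get reliability * normalised score, the rest goes to ignorance."""
    total = sum(scores.values())
    mass = {frozenset({c}): reliability * s / total for c, s in scores.items() if s > 0}
    mass[CLASSES] = 1.0 - reliability  # mass on the whole frame = "don't know"
    return mass

def combine(m1, m2):
    """Dempster's rule: multiply masses, keep non-empty intersections, renormalise."""
    joint, conflict = {}, 0.0
    for a, wa in m1.items():
        for b, wb in m2.items():
            inter = a & b
            if inter:
                joint[inter] = joint.get(inter, 0.0) + wa * wb
            else:
                conflict += wa * wb  # product mass landing on the empty set
    if conflict >= 1.0 - 1e-12:
        raise ValueError("total conflict: evidence cannot be combined")
    return {k: v / (1.0 - conflict) for k, v in joint.items()}

def fuse(detectors):
    """Fuse (scores, reliability) pairs; return (decision, belief in that class)."""
    fused = reduce(combine, (to_mass(s, r) for s, r in detectors))
    singles = {next(iter(k)): v for k, v in fused.items() if len(k) == 1}
    decision = max(singles, key=singles.get)
    return decision, singles[decision]

# Constructed sample: three detectors trained on different feature subsets
# disagree about one connection record (a low-frequency u2r attack).
SAMPLE = [
    ({"normal": 0.5, "u2r": 0.4, "r2l": 0.1}, 0.8),   # hypothetical subset 1
    ({"u2r": 0.7, "normal": 0.2, "r2l": 0.1}, 0.9),   # hypothetical subset 2
    ({"normal": 0.45, "u2r": 0.45, "dos": 0.1}, 0.6), # hypothetical subset 3
]

if __name__ == "__main__":
    print(fuse(SAMPLE))
```

Although two of the three constructed detectors rank "normal" first or equal first, the fused belief favours "u2r", because the most reliable detector supports it strongly and the others do not contradict it outright.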

Keywords

Network intrusion detection; BP neural network; Dempster-Shafer; Anomaly detection

Notes

Acknowledgment

This work is partially supported by the Fundamental Research Funds for the Central Universities under Grant No. 2014MS99 and the National Natural Science Foundation of China under Grant No. 61302105.


Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. North China Electric Power University, Beijing, China
  2. Institute of Computing Technology, Chinese Academy of Sciences, Beijing, China
  3. Institute of China Mobile Communication Company Limited, Beijing, China
