
Intrusion Detection: Deep Neural Networks Versus Super Learning

Women in Computational Intelligence

Part of the book series: Women in Engineering and Science (WES)


Abstract

An Intrusion Detection System (IDS) is a system that protects against network attacks. It does so by monitoring the activity within a network of connected computers and analyzing that activity to predict intrusions. In the event of an attack, the system responds accordingly. In the past, different machine learning techniques have been proposed, which can be broken into clustering algorithms and classification algorithms. In this chapter, the CICIDS2017 data set is investigated, which contains benign traffic and the most up-to-date common attacks, resembling true real-world data. A machine learning approach is chosen whereby a deep neural network approach is compared with an ensemble method called super learner. Furthermore, other algorithms such as gradient boosting machine, distributed random forest, and XGBoost from the AutoML library are also compared.



Author information


Corresponding author

Correspondence to Simone A. Ludwig.


Copyright information

© 2022 Springer Nature Switzerland AG

About this chapter


Cite this chapter

Ludwig, S.A. (2022). Intrusion Detection: Deep Neural Networks Versus Super Learning. In: Smith, A.E. (eds) Women in Computational Intelligence. Women in Engineering and Science. Springer, Cham. https://doi.org/10.1007/978-3-030-79092-9_8
