Skip to main content
SpringerLink
Log in

An Intrusion Detection System Based on Deep Belief Networks

  • Conference paper
  • First Online:
Science of Cyber Security (SciSec 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13580))

Included in the following conference series:

Abstract

The rapid growth of connected devices has led to the proliferation of novel cyber-security threats known as zero-day attacks. Traditional behaviour-based Intrusion Detection Systems (IDSs) rely on Deep Neural Networks (DNNs) to detect these attacks. The quality of the dataset used to train the DNNs plays a critical role in the detection performance, with underrepresented samples causing poor performances. In this paper, we develop and evaluate the performance of Deep Belief Networks (DBNs) on detecting cyber-attacks within a network of connected devices. The CICIDS2017 dataset was used to train and evaluate the performance of our proposed DBN approach. Several class balancing techniques were applied and evaluated. Lastly, we compare our approach against a conventional Multi-Layer Perceptron (MLP) model and the existing state-of-the-art. Our proposed DBN approach shows competitive and promising results, with significant performance improvement on the detection of attacks underrepresented in the training dataset.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://github.com/othmbela/dbn-based-nids.

References

  1. Al-Qatf, M., Lasheng, Y., Al-Habib, M., Al-Sabahi, K.: Deep learning approach combining sparse autoencoder with SVM for network intrusion detection. IEEE Access 6, 52843–52856 (2018). https://doi.org/10.1109/ACCESS.2018.2869577

    Article  Google Scholar 

  2. Alom, M.Z., Bontupalli, V., Taha, T.M.: Intrusion detection using deep belief networks. In: National Aerospace and Electronics Conference (NAECON), pp. 339–344 (2015). https://doi.org/10.1109/NAECON.2015.7443094

  3. Anthi, E., Williams, L., Słowińska, M., Theodorakopoulos, G., Burnap, P.: A supervised intrusion detection system for smart home iot devices. IEEE Internet Things J. 6(5), 9042–9053 (2019). https://doi.org/10.1109/JIOT.2019.2926365

    Article  Google Scholar 

  4. Ashfaq, R.A.R., Wang, X.Z., Huang, J.Z., Abbas, H., He, Y.L.: Fuzziness based semi-supervised learning approach for intrusion detection system. Inf. Sci. 378, 484–497 (2017). https://doi.org/10.1016/j.ins.2016.04.019

    Article  Google Scholar 

  5. Bridges, R.A., Glass-Vanderlan, T.R., Iannacone, M.D., Vincent, M.S., Chen, Q.G.: A survey of intrusion detection systems leveraging host data. ACM Comput. Surv. 52(6) (2019). https://doi.org/10.1145/3344382

  6. Chawla, N.V., Bowyer, K.W., Hall, L.O., Kegelmeyer, W.P.: Smote: synthetic minority over-sampling technique. J. Artif. Intell. Res. 16, 321–357 (2002). https://doi.org/10.1613/jair.953

    Article  MATH  Google Scholar 

  7. Chitrakar, R., Huang, C.: Selection of candidate support vectors in incremental SVM for network intrusion detection. Comput. Secur. 45, 231–241 (2014). https://doi.org/10.1016/j.cose.2014.06.006

    Article  Google Scholar 

  8. Doriguzzi-Corin, R., Millar, S., Scott-Hayward, S., Martínez-del Rincón, J., Siracusa, D.: Lucid: a practical, lightweight deep learning solution for DDOS attack detection. IEEE Trans. Netw. Serv. Manage. 17(2), 876–889 (2020). https://doi.org/10.1109/TNSM.2020.2971776

    Article  Google Scholar 

  9. Fu, C., Li, Q., Shen, M., Xu, K.: Realtime robust malicious traffic detection via frequency domain analysis. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, November 2021. https://doi.org/10.1145/3460120.3484585

  10. Galar, M., Fernandez, A., Barrenechea, E., Bustince, H., Herrera, F.: A review on ensembles for the class imbalance problem: bagging, boosting, and hybrid-based approaches. IEEE Trans. Syst. Man Cybernet. Part C (Appl. Rev.) 42(4), 463–484 (2012). https://doi.org/10.1109/TSMCC.2011.2161285

    Article  Google Scholar 

  11. Gu, J., Lu, S.: An effective intrusion detection approach using SVM with Naïve Bayes feature embedding. Comput. Secur. 103, 102158 (2021). https://doi.org/10.1016/j.cose.2020.102158

    Article  Google Scholar 

  12. Gu, J., Wang, L., Wang, H., Wang, S.: A novel approach to intrusion detection using SVM ensemble with feature augmentation. Comput. Secur. 86, 53–62 (2019). https://doi.org/10.1016/j.cose.2019.05.022

    Article  Google Scholar 

  13. Guo, C., Ping, Y., Liu, N., Luo, S.S.: A two-level hybrid approach for intrusion detection. Neurocomputing 214, 391–400 (2016). https://doi.org/10.1016/j.neucom.2016.06.021

    Article  Google Scholar 

  14. Hammerla, N.Y., Plötz, T.: Let’s (not) stick together: pairwise similarity biases cross-validation in activity recognition. In: ACM International Joint Conference on Pervasive and Ubiquitous Computing, New York, NY, USA, pp. 1041–1051. Association for Computing Machinery (2015). https://doi.org/10.1145/2750858.2807551

  15. Hinton, G.E., Salakhutdinov, R.R.: Reducing the dimensionality of data with neural networks. Science 313(5786), 504–507 (2006). https://doi.org/10.1126/science.1127647

    Article  MathSciNet  MATH  Google Scholar 

  16. Hinton, G.E.: Training products of experts by minimizing contrastive divergence. Neural Comput. 14(8), 1771–1800 (2002). https://doi.org/10.1162/089976602760128018

    Article  MATH  Google Scholar 

  17. Kim, G., Lee, S., Kim, S.: A novel hybrid intrusion detection method integrating anomaly detection with misuse detection. Expert Syst. Appl. 41(4, Part 2), 1690–1700 (2014). https://doi.org/10.1016/j.eswa.2013.08.066

    Article  Google Scholar 

  18. Kunang, Y.N., Nurmaini, S., Stiawan, D., Suprapto, B.Y.: Attack classification of an intrusion detection system using deep learning and hyperparameter optimization. J. Inf. Secur. Appl. 58, 102804 (2021). https://doi.org/10.1016/j.jisa.2021.102804

    Article  Google Scholar 

  19. Matyás, V., Kur, J.: Conflicts between intrusion detection and privacy mechanisms for wireless sensor networks. IEEE Secur. Priv. 11(5), 73–76 (2013). https://doi.org/10.1109/MSP.2013.111

    Article  Google Scholar 

  20. Peng, W., Kong, X., Peng, G., Li, X., Wang, Z.: Network intrusion detection based on deep learning. In: 2019 International Conference on Communications, Information System and Computer Engineering (CISCE), pp. 431–435 (2019). https://doi.org/10.1109/CISCE.2019.00102

  21. Rhode, M., Burnap, P., Jones, K.: Early-stage malware prediction using recurrent neural networks. Comput. Secur. 77, 578–594 (2018). https://doi.org/10.1016/j.cose.2018.05.010

    Article  Google Scholar 

  22. Roopak, M., Yun Tian, G., Chambers, J.: Deep learning models for cyber security in iot networks. In: 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC), pp. 0452–0457 (2019). https://doi.org/10.1109/CCWC.2019.8666588

  23. Salakhutdinov, R., Mnih, A., Hinton, G.: Restricted Boltzmann machines for collaborative filtering. In: Proceedings of the 24th International Conference on Machine Learning, pp. 791–798. ICML 2007 (2007). https://doi.org/10.1145/1273496.1273596

  24. Salama, M.A., Hassanien, A.E., Fahmy, A.A.: Deep belief network for clustering and classification of a continuous data. In: The 10th IEEE International Symposium on Signal Processing and Information Technology, pp. 473–477 (2010). https://doi.org/10.1109/ISSPIT.2010.5711759

  25. Sapre, S., Islam, K., Ahmadi, P.: A comprehensive data sampling analysis applied to the classification of rare iot network intrusion types. In: 2021 IEEE 18th Annual Consumer Communications Networking Conference (CCNC). pp. 1–2 (2021). https://doi.org/10.1109/CCNC49032.2021.9369617

  26. Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy. SCITEPRESS - Science and Technology Publications (2018). https://doi.org/10.5220/0006639801080116

  27. Singla, A., Bertino, E., Verma, D.: Preparing network intrusion detection deep learning models with minimal data using adversarial domain adaptation. In: Asia Conference on Computer and Communications Security (2020). https://doi.org/10.1145/3320269.3384718

  28. Wang, S., Liu, W., Wu, J., Cao, L., Meng, Q., Kennedy, P.J.: Training deep neural networks on imbalanced data sets. In: 2016 International Joint Conference on Neural Networks (IJCNN), pp. 4368–4374 (2016). https://doi.org/10.1109/IJCNN.2016.7727770

  29. Yang, J., Deng, J., Li, S., Hao, Y.: Improved traffic detection with support vector machine based on restricted Boltzmann machine. Soft. Comput. 21(11), 3101–3112 (2015). https://doi.org/10.1007/s00500-015-1994-9

    Article  Google Scholar 

  30. Yao, Y., Su, L., Lu, Z.: Deepgfl: deep feature learning via graph for attack detection on flow-based network traffic. In: MILCOM 2018–2018 IEEE Military Communications Conference (MILCOM), pp. 579–584 (2018). https://doi.org/10.1109/MILCOM.2018.8599821

  31. Yin, C., Zhu, Y., Fei, J., He, X.: A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access 5, 21954–21961 (2017). https://doi.org/10.1109/ACCESS.2017.2762418

    Article  Google Scholar 

  32. Zhong, W., Yu, N., Ai, C.: Applying big data based deep learning system to intrusion detection. Big Data Mining and Analytics 3(3), 181–195 (2020). https://doi.org/10.26599/BDMA.2020.9020003

Download references

Author information

Authors and Affiliations

  1. Bristol Research and Innovation Laboratory, Toshiba Europe Ltd., Bristol, UK

    Othmane Belarbi, Aftab Khan & Pietro Carnelli

  2. School of Computer Science and Informatics, Cardiff University, Cardiff, UK

    Theodoros Spyridopoulos

Authors
  1. Othmane Belarbi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Aftab Khan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Pietro Carnelli
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Theodoros Spyridopoulos
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Aftab Khan .

Editor information

Editors and Affiliations

  1. University of Aizu, Aizuwakamatsu, Fukushima, Japan

    Chunhua Su

  2. Kyushu University, Fukuoka, Japan

    Kouichi Sakurai

  3. Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China

    Feng Liu

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Belarbi, O., Khan, A., Carnelli, P., Spyridopoulos, T. (2022). An Intrusion Detection System Based on Deep Belief Networks. In: Su, C., Sakurai, K., Liu, F. (eds) Science of Cyber Security. SciSec 2022. Lecture Notes in Computer Science, vol 13580. Springer, Cham. https://doi.org/10.1007/978-3-031-17551-0_25

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-17551-0_25

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-17550-3

  • Online ISBN: 978-3-031-17551-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation