Reinforcement Learning for the Problem of Detecting Intrusion in a Computer System

  • Conference paper
Proceedings of Sixth International Congress on Information and Communication Technology

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 236)

Abstract

In recent years, many research works have focused on intrusion detection systems. Several of them have used supervised machine learning algorithms to achieve near-perfect predictive performance on modern intrusion datasets. However, these algorithms require huge labeled datasets that are usually not available in practice. In this paper, we analyze the possibility of using reinforcement learning for the problem of intrusion detection. Our experiments show promising results compared to other recent studies.

Notes

  1. https://www.unb.ca/cic/datasets/ids-2017.html

Correspondence to Quang-Vinh Dang.

© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

Cite this paper

Dang, QV., Vo, TH. (2022). Reinforcement Learning for the Problem of Detecting Intrusion in a Computer System. In: Yang, XS., Sherratt, S., Dey, N., Joshi, A. (eds) Proceedings of Sixth International Congress on Information and Communication Technology. Lecture Notes in Networks and Systems, vol 236. Springer, Singapore. https://doi.org/10.1007/978-981-16-2380-6_66
