Abstract
The ever-increasing threat and complexity of modern cyber-attacks require a search for integrated and flexible intelligent defense mechanisms. Such approaches can provide optimal countermeasures, reliable credentials extraction and self-adjusting potential. Given the widespread scale of modern networks and the complexity of cyber-attacks, the problem of self-adaptation goes far beyond the capabilities of network Intrusion Detection Systems (IDS). The main weakness of IDS is that they cannot adapt to new network conditions (“zero day” attacks). This research tries to overcome this limitation by introducing a Semi-supervised Discriminant Autoencoder (AUE), which combines Denoising AUEs with a heuristic method of class separation. In essence, the proposed algorithm learns to remodel the displaced specimens instead of the original ones in the super-sphere defined by their closest neighbors. The purpose is to understand the nature of an attack, based on generalized transformed features derived directly from unknown web environments and data.
Acknowledgements
This paper was supported by Wonkwang University in 2020.
Ethics declarations
Conflict of interest
The author declares that they have no conflict of interest.
About this article
Cite this article
Zhao, F., Zhang, H., Peng, J. et al. A semi-self-taught network intrusion detection system. Neural Comput & Applic 32, 17169–17179 (2020). https://doi.org/10.1007/s00521-020-04914-7
DOI: https://doi.org/10.1007/s00521-020-04914-7