Skip to main content
SpringerLink
Log in

APAE: an IoT intrusion detection system using asymmetric parallel auto-encoder

  • S.I. : Machine Learning Applications for Security
  • Published:
Neural Computing and Applications Aims and scope Submit manuscript

Abstract

In recent years, the world has dramatically moved toward using the internet of things (IoT), and the IoT has become a hot research field. Among various aspects of IoT, real-time cyber-threat protection is one of the most crucial elements due to the increasing number of cyber-attacks. However, current IoT devices often offer minimal security features and are vulnerable to cyber-attacks. Therefore, it is crucial to develop tools to detect such attacks in real time. This paper presents a new and intelligent network intrusion detection system named APAE that is based on an asymmetric parallel auto-encoder and is able to detect various attacks in IoT networks. The encoder part of APAE has a lightweight architecture that contains two encoders in parallel, each one having three successive layers of convolutional filters. The first encoder is for extracting local features using standard convolutional layers and a positional attention module. The second encoder also extracts the long-range information using dilated convolutional layers and a channel attention module. The decoder part of APAE is different from its encoder and has eight successive transposed convolution layers. The proposed APAE approach has a lightweight and suitable architecture for real-time attack detection and provides very good generalization performance even after training using very limited training records. The efficacy of the APAE has been evaluated using three popular public datasets named UNSW-NB15, CICIDS2017, and KDDCup99, and the results showed the superiority of the proposed model over the state-of-the-art algorithms.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2.
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

Availability of data and material

None.

References

  1. Stoyanova M, Nikoloudakis Y, Panagiotakis S, Pallis E, Markakis EK (2020) A survey on the internet of things (IoT) forensics: challenges, approaches and open issues. IEEE Commun Surv Tutor 22:1191

    Article  Google Scholar 

  2. Al-Garadi MA, Mohamed A, Al-Ali A, Du X, Ali I, Guizani M (2020) A survey of machine and deep learning methods for internet of things (IoT) security. IEEE Commun Surv Tutor 22:1646

    Article  Google Scholar 

  3. Popoola SI, Adebisi B, Hammoudeh M, Gui G, Gacanin H (2020) Hybrid Deep Learning for Botnet Attack Detection in the Internet of Things Networks. IEEE Int Things J 8:4944

    Article  Google Scholar 

  4. Mbarek B, Ge M, Pitner T (2020) Enhanced network intrusion detection system protocol for internet of things. In Proceedings of the 35th annual ACM symposium on applied computing, pp 1156–1163.

  5. Louati F, Ktata FB (2020) A deep learning-based multi-agent system for intrusion detection. SN Appl Sci 2(4):1–13

    Article  Google Scholar 

  6. Gao M, Song Y, Xin Y (2020) Intrusion detection based on fusing deep neural networks and transfer learning. In Digital TV and wireless multimedia communication: 16th international forum, IFTC 2019, Shanghai, China, September 19–20, 2019, Revised selected papers, Springer Nature, Berlin, vol 1181, p 212.

  7. Rashid A, Siddique MJ, Ahmed SM (2020) Machine and deep learning based comparative analysis using hybrid approaches for intrusion detection system. In: 2020 3rd International conference on advancements in computational sciences (ICACS): IEEE, pp 1–9.

  8. Gamal M, Abbas H, Sadek R (2020) Hybrid approach for improving intrusion detection based on deep learning and machine learning techniques. Joint European-US workshop on applications of invariance in computer vision. Springer, pp 225–236

    Google Scholar 

  9. D. Vallejo-Huanga (2020) Empirical exploration of machine learning techniques for detection of anomalies based on NIDS. IEEE Latin Am Trans 100(1e)

  10. Intrusion Detection Evaluation Dataset (CIC-IDS2017): https://www.unb.ca/cic/datasets/ids-2017.html

  11. KDD Cup 1999 Data: http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html

  12. The UNSW-NB15 Dataset: https://www.unsw.adfa.edu.au/unsw-canberra-cyber/cybersecurity/ADFA-NB15-Datasets/

  13. Araujo-Filho PFd, Kaddoum G, Campelo DR, Santos AG, Macêdo D, Zanchettin C (2020) Intrusion detection for cyber-physical systems using generative adversarial networks in fog environment. IEEE Int Things J 1–1. doi: https://doi.org/10.1109/JIOT.2020.3024800.

  14. Chaabouni N, Mosbah M, Zemmari A, Sauvignac C, Faruki P (2019) Network intrusion detection for IoT security based on learning techniques. IEEE Commun Surv Tutor 21(3):2671–2701. https://doi.org/10.1109/COMST.2019.2896380

    Article  Google Scholar 

  15. Li T, Wu B, Yang Y, Fan Y, Zhang Y, Liu W (2019) Compressing convolutional neural networks via factorized convolutional filters. In Proceedings of the IEEE conference on computer vision and pattern recognition, pp 3977–3986.

  16. Deng L, Li G, Han S, Shi L, Xie Y (2020) Model compression and hardware acceleration for neural networks: a comprehensive survey. Proc IEEE 108(4):485–532. https://doi.org/10.1109/JPROC.2020.2976475

    Article  Google Scholar 

  17. Khan A, Sohail A, Zahoora U, Qureshi AS (2020) A survey of the recent architectures of deep convolutional neural networks. Artif Intell Rev 53(8):5455–5516

    Article  Google Scholar 

  18. Scherer D, Müller A, Behnke S (2010) Evaluation of pooling operations in convolutional architectures for object recognition. International conference on artificial neural networks. Springer, pp 92–101

    Google Scholar 

  19. Ng A (2011) Sparse autoencoder. CS294A Lecture notes 72: 1–19

  20. He D et al (2019) Intrusion detection based on stacked autoencoder for connected healthcare systems. IEEE Netw 33(6):64–69. https://doi.org/10.1109/MNET.001.1900105

    Article  Google Scholar 

  21. Preethi D, Khare N (2020) Sparse auto encoder driven support vector regression based deep learning model for predicting network intrusions. Peer-to-Peer Netw Appl 1–11

  22. Van NT, Thinh TN (2020) Temporal features learning using autoencoder for anomaly detection in network traffic. International conference on green technology and sustainable development. Springer, pp 15–26

    Google Scholar 

  23. Ramamurthy M, Robinson YH, Vimal S, Suresh A (2020) Auto encoder based dimensionality reduction and classification using convolutional neural networks for hyperspectral images. Microprocess Microsyst 79:103280

    Article  Google Scholar 

  24. Lee SJ et al (2020) IMPACT: Impersonation attack detection via edge computing using deep autoencoder and feature abstraction. IEEE Access 8:65520–65529

    Article  Google Scholar 

  25. Xu C, Shen J, Du X (2020) A method of few-shot network intrusion detection based on meta-learning framework. IEEE Trans Inf Forensics Secur 15:3540–3552. https://doi.org/10.1109/TIFS.2020.2991876

    Article  Google Scholar 

  26. Zavrak S, İskefiyeli M (2020) Anomaly-based intrusion detection from network flow features using variational autoencoder. IEEE Access 8:108346–108358

    Article  Google Scholar 

  27. Dutta V, Choraś M, Kozik R, Pawlicki M (2020) Hybrid model for improving the classification effectiveness of network intrusion detection. In: Cham ÁH, Cambra C, Urda D, Sedano J, Quintián H, Corchado E (eds) 13th international conference on computational intelligence in security for information systems (CISIS 2020), 2021//2021: Springer International Publishing, pp. 405–414.

  28. Khan FA, Gumaei A, Derhab A, Hussain A (2019) A novel two-stage deep learning model for efficient network intrusion detection. IEEE Access 7:30373–30385. https://doi.org/10.1109/ACCESS.2019.2899721

    Article  Google Scholar 

  29. Yang Y, Zheng K, Wu B, Yang Y, Wang X (2020) Network intrusion detection based on supervised adversarial variational auto-encoder with regularization. IEEE Access 8:42169–42184. https://doi.org/10.1109/ACCESS.2020.2977007

    Article  Google Scholar 

  30. Li X, Chen W, Zhang Q, Wu L (2020) Building auto-encoder intrusion detection system based on random forest feature selection. Comput Sec 101851

  31. Dong Gongl LL, Vuong L, Budhaditya Saha, Moussa Reda Mansour, Svetha Venkatesh, Anton van den Hengel (2019) Memorizing Normality to Detect Anomaly: Memory-augmented Deep Autoencoder (MemAE) for Unsupervised Anomaly Detection," presented at the IEEE/CVF International Conference on Computer Vision (ICCV), 2019.

  32. Miah MO, Khan SS, Shatabda S, Farid DM (2019) Improving detection accuracy for imbalanced network intrusion classification using cluster-based under-sampling with random forests. In 2019 1st international conference on advances in science, engineering and robotics technology (ICASERT), 3–5, pp 1–5, doi: https://doi.org/10.1109/ICASERT.2019.8934495.

  33. Alkadi O, Moustafa N, Turnbull B, Choo KR (2020) A deep blockchain framework-enabled collaborative intrusion detection for protecting IoT and cloud networks. IEEE Int Things J, pp 1–1. doi: https://doi.org/10.1109/JIOT.2020.2996590.

  34. Shone N, Ngoc TN, Phai VD, Shi Q (2018) A deep learning approach to network intrusion detection. IEEE Trans Emerg Topics Comput Intell 2(1):41–50. https://doi.org/10.1109/TETCI.2017.2772792

    Article  Google Scholar 

  35. Yao H, Fu D, Zhang P, Li M, Liu Y (2019) MSML: a novel multilevel semi-supervised machine learning framework for intrusion detection system. IEEE Int Things J 6(2):1949–1959. https://doi.org/10.1109/JIOT.2018.2873125

    Article  Google Scholar 

  36. Moustafa N, Turnbull B, Choo KR (2019) An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of internet of things. IEEE Int Things J 6(3):4815–4830. https://doi.org/10.1109/JIOT.2018.2871719

    Article  Google Scholar 

  37. Muhammad G, Hossain MS, Garg S (2020) Stacked autoencoder-based intrusion detection system to combat financial fraudulent. IEEE Int Things J 1–1 doi: https://doi.org/10.1109/JIOT.2020.3041184.

  38. Singh P, Kaur A, Aujla GS, Batth RS, Kanhere S (2020) DaaS: dew computing as a service for intelligent intrusion detection in edge-of-things ecosystem. IEEE Int Things J: 1–1. doi: https://doi.org/10.1109/JIOT.2020.3029248.

  39. Yu F, Koltun V (2015) Multi-scale context aggregation by dilated convolutions. arXiv preprint 1511.07122

  40. Vaswani A et al. (2017) Attention is all you need. In: Presented at the 31st international conference on neural information processing systems. http://arxiv.org/abs/1706.03762.

  41. Fu J et al. (2019) Dual attention network for scene segmentation. In 2019 IEEE/CVF conference on computer vision and pattern recognition (CVPR), pp 15–20 2019, pp 3141–3149. doi: https://doi.org/10.1109/CVPR.2019.00326.

  42. Sun Y, Mao H, Guo Q, Yi Z (2016) Learning a good representation with unsymmetrical auto-encoder. Neural Comput Appl 27(5):1361–1367. https://doi.org/10.1007/s00521-015-1939-3

    Article  Google Scholar 

  43. Injadat M, Moubayed A, Nassif AB, Shami A (2020) Multi-stage optimized machine learning framework for network intrusion detection. IEEE Trans Netw Serv Manag 1–1. doi: https://doi.org/10.1109/TNSM.2020.3014929.

  44. Gong LLD, Le V, Saha B, Mansour MR, Venkatesh S, Van Den Hengel A (2019) Memorizing normality to detect anomaly: memory-augmented deep autoencoder for unsupervised anomaly detection. In: IEEE/CVF international conference on computer vision (ICCV) 27 Oct.–2 Nov. 2019, pp 1705–1714. doi: https://doi.org/10.1109/ICCV.2019.00179.

  45. NDAE source code: https://github.com/ngoctn-lqdtu/A-Deep-Learning-Approach-to-Network-Intrusion-Detection

  46. MemAE Source code: https://github.com/donggong1/memae-anomaly-detection

  47. Moustafa N, Slay J (2015) UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: 2015 Military communications and information systems conference (MilCIS), 10–12 Nov 2015, pp 1–6. doi: https://doi.org/10.1109/MilCIS.2015.7348942.

Download references

Funding

None.

Author information

Authors and Affiliations

  1. Department of Electrical and Computer Engineering, Graduate University of Advanced Technology, Kerman, Iran

    Amir Basati & Mohammad Mehdi Faghih

Authors
  1. Amir Basati
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mohammad Mehdi Faghih
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mohammad Mehdi Faghih.

Ethics declarations

Conflict of interest

None.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Basati, A., Faghih, M.M. APAE: an IoT intrusion detection system using asymmetric parallel auto-encoder. Neural Comput & Applic 35, 4813–4833 (2023). https://doi.org/10.1007/s00521-021-06011-9

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00521-021-06011-9

Keywords

Search

Navigation