Application of deep learning to enhance the accuracy of intrusion detection in modern computer networks

Application of deep learning to enhance the accuracy of intrusion detection in modern computer networks were studied in this paper. The identification of attacks in computer networks is divided in to two categories of intrusion detection and anomaly detection in terms of the information used in the learning phase. Intrusion detection uses both routine traffic and attack traffic. Abnormal detection methods attempt to model the normal behavior of the system, and any incident that violates this model is considered to be a suspicious behavior. For example, if the web server, which is usually passive, tries to There are many addresses that are likely to be infected with the worm. The abnormal diagnostic methods are Statistical models, Secure system approach, Review protocol, Check files, Create White list, Neural Networks, Genetic Algorithm, Vector Machines, decision tree. Our results have demonstrated that our approach offers high levels of accuracy, precision and recall together with reduced training time. In our future work, the first avenue of exploration for improvement will be to assess and extend the capability of our model to handle zero-day attacks.

Download Full-text

Intrusion Detection Methods Based on Integrated Deep Learning Model

Computers & Security ◽

10.1016/j.cose.2021.102177 ◽

2021 ◽

pp. 102177

Author(s):

ZHENDONG WANG ◽

YAODI LIU ◽

DAOJING HE ◽

SAMMY CHAN

Keyword(s):

Deep Learning ◽

Intrusion Detection ◽

Learning Model ◽

Detection Methods ◽

Deep Learning Model

Download Full-text

Solar Panel Detection within Complex Backgrounds Using Thermal Images Acquired by UAVs

Sensors ◽

10.3390/s20216219 ◽

2020 ◽

Vol 20 (21) ◽

pp. 6219

Author(s):

Jhon Jairo Vega Díaz ◽

Michiel Vlaminck ◽

Dionysios Lefkaditis ◽

Sergio Alejandro Orjuela Vargas ◽

Hiep Luong

Keyword(s):

Deep Learning ◽

Edge Detection ◽

Diagnostic Methods ◽

Detection Methods ◽

Support Vector ◽

Solar Panels ◽

Low Contrast ◽

Whole Process ◽

Imaging Sensors ◽

Processing Techniques

The installation of solar plants everywhere in the world increases year by year. Automated diagnostic methods are needed to inspect the solar plants and to identify anomalies within these photovoltaic panels. The inspection is usually carried out by unmanned aerial vehicles (UAVs) using thermal imaging sensors. The first step in the whole process is to detect the solar panels in those images. However, standard image processing techniques fail in case of low-contrast images or images with complex backgrounds. Moreover, the shades of power lines or structures similar to solar panels impede the automated detection process. In this research, two self-developed methods are compared for the detection of panels in this context, one based on classical techniques and another one based on deep learning, both with a common post-processing step. The first method is based on edge detection and classification, in contrast to the second method is based on training a region based convolutional neural networks to identify a panel. The first method corrects for the low contrast of the thermal image using several preprocessing techniques. Subsequently, edge detection, segmentation and segment classification are applied. The latter is done using a support vector machine trained with an optimized texture descriptor vector. The second method is based on deep learning trained with images that have been subjected to three different pre-processing operations. The postprocessing use the detected panels to infer the location of panels that were not detected. This step selects contours from detected panels based on the panel area and the angle of rotation. Then new panels are determined by the extrapolation of these contours. The panels in 100 random images taken from eleven UAV flights over three solar plants are labeled and used to evaluate the detection methods. The metrics for the new method based on classical techniques reaches a precision of 0.997, a recall of 0.970 and a F1 score of 0.983. The metrics for the method of deep learning reaches a precision of 0.996, a recall of 0.981 and a F1 score of 0.989. The two panel detection methods are highly effective in the presence of complex backgrounds.

Download Full-text

Intrusion Detection System for Internet of Things Based on Temporal Convolution Neural Network and Efficient Feature Engineering

Wireless Communications and Mobile Computing ◽

10.1155/2020/6689134 ◽

2020 ◽

Vol 2020 ◽

pp. 1-16

Author(s):

Abdelouahid Derhab ◽

Arwa Aldweesh ◽

Ahmed Z. Emam ◽

Farrukh Aslam Khan

Keyword(s):

Neural Network ◽

Deep Learning ◽

Internet Of Things ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Machine Learning Algorithms ◽

Convolution Neural Network ◽

Feature Engineering ◽

Training Time

In the era of the Internet of Things (IoT), connected objects produce an enormous amount of data traffic that feed big data analytics, which could be used in discovering unseen patterns and identifying anomalous traffic. In this paper, we identify five key design principles that should be considered when developing a deep learning-based intrusion detection system (IDS) for the IoT. Based on these principles, we design and implement Temporal Convolution Neural Network (TCNN), a deep learning framework for intrusion detection systems in IoT, which combines Convolution Neural Network (CNN) with causal convolution. TCNN is combined with Synthetic Minority Oversampling Technique-Nominal Continuous (SMOTE-NC) to handle unbalanced dataset. It is also combined with efficient feature engineering techniques, which consist of feature space reduction and feature transformation. TCNN is evaluated on Bot-IoT dataset and compared with two common machine learning algorithms, i.e., Logistic Regression (LR) and Random Forest (RF), and two deep learning techniques, i.e., LSTM and CNN. Experimental results show that TCNN achieves a good trade-off between effectiveness and efficiency. It outperforms the state-of-the-art deep learning IDSs that are tested on Bot-IoT dataset and records an accuracy of 99.9986% for multiclass traffic detection, and shows a very close performance to CNN with respect to the training time.

Download Full-text

Intelligent and Effective Intrusion Detection System using Machine Learning Algorithm

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.f1231.089620 ◽

2020 ◽

Vol 9 (6) ◽

pp. 237-240

Keyword(s):

Machine Learning ◽

Deep Learning ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Learning Algorithm ◽

Detection System ◽

Support Vector ◽

Machine Learning Algorithm ◽

Data Set ◽

Training Time

Intrusion Detection System observes the network traffic and identifies the attack and also inform the admin to corrective action. Powerful Intrusion Detection system is required for detection to various modern attack. There is need of efficient Intrusion Detection system .The focus of IDS research is the application of machine Learning and Deep Learning techniques. Projected work is combination of Deep Learning Technique in which Non Symmetric Deep Auto Encoder and Machine Learning Algorithm, Support Vector Machine Classifier is used to develop the Model. Stack power of the Non symmetric Deep Auto Encoder and Quickness with exactness of the SVM makes the Model very efficient. This Model not only improves the accuracy value but also improve recall and precision. It also cause the reduction of training time .To evaluate the performance of the Model and do the analysis the special Data set which are used are KDD CUP and NSL KDD Dataset.

Download Full-text

LITNET-2020: An Annotated Real-World Network Flow Dataset for Network Intrusion Detection

Electronics ◽

10.3390/electronics9050800 ◽

2020 ◽

Vol 9 (5) ◽

pp. 800 ◽

Cited By ~ 2

Author(s):

Robertas Damasevicius ◽

Algimantas Venckauskas ◽

Sarunas Grigaliunas ◽

Jevgenijus Toldinas ◽

Nerijus Morkevicius ◽

...

Keyword(s):

Intrusion Detection ◽

Real World ◽

Network Traffic ◽

Network Flow ◽

Detection Methods ◽

Network Intrusion Detection ◽

Clustering Methods ◽

Modern Computer ◽

Network Intrusion ◽

Flow Features

Network intrusion detection is one of the main problems in ensuring the security of modern computer networks, Wireless Sensor Networks (WSN), and the Internet-of-Things (IoT). In order to develop efficient network-intrusion-detection methods, realistic and up-to-date network flow datasets are required. Despite several recent efforts, there is still a lack of real-world network-based datasets which can capture modern network traffic cases and provide examples of many different types of network attacks and intrusions. To alleviate this need, we present LITNET-2020, a new annotated network benchmark dataset obtained from the real-world academic network. The dataset presents real-world examples of normal and under-attack network traffic. We describe and analyze 85 network flow features of the dataset and 12 attack types. We present the analysis of the dataset features by using statistical analysis and clustering methods. Our results show that the proposed feature set can be effectively used to identify different attack classes in the dataset. The presented network dataset is made freely available for research purposes.

Download Full-text

Network Intrusion Detection Methods Based on Deep Learning

Recent Patents on Engineering ◽

10.2174/1872212114999200403092708 ◽

2020 ◽

Vol 14 ◽

Author(s):

Xiangwen Li ◽

Shuang Zhang

Keyword(s):

Deep Learning ◽

Intrusion Detection ◽

False Positive Rate ◽

Detection Algorithm ◽

Detection Methods ◽

Network Intrusion Detection ◽

Test Time ◽

Data Set ◽

Network Intrusion ◽

Kdd Cup 99

: To detect network attacks more effectively, this study uses Honeypot techniques to collect the latest network attack data and proposes network intrusion detection classification models based on deep learning combined with DNN and LSTM models. Experiments showed that the data set training models gave better results than the KDD CUP 99 training model’s detection rate and false positive rate. The DNN-LSTM intrusion detection algorithm proposed in this study gives better results than KDD CUP 99 training model. Compared to other algorithms such as LeNet, DNN-LSTM intrusion detection algorithm exhibits shorter classification test time along with better accuracy and recall rate of intrusion detection.

Download Full-text

Classification and specific primer design for accurate detection of SARS-CoV-2 using deep learning

Scientific Reports ◽

10.1038/s41598-020-80363-5 ◽

2021 ◽

Vol 11 (1) ◽

Author(s):

Alejandro Lopez-Rincon ◽

Alberto Tonda ◽

Lucero Mendoza-Maldonado ◽

Daphne G. J. C. Mulders ◽

Richard Molenkamp ◽

...

Keyword(s):

Deep Learning ◽

Diagnostic Methods ◽

Added Value ◽

Detection Methods ◽

Minimal Amount ◽

Specific Detection ◽

Data Repositories ◽

Primer Sets ◽

Global Initiative ◽

Virus Strains

AbstractIn this paper, deep learning is coupled with explainable artificial intelligence techniques for the discovery of representative genomic sequences in SARS-CoV-2. A convolutional neural network classifier is first trained on 553 sequences from the National Genomics Data Center repository, separating the genome of different virus strains from the Coronavirus family with 98.73% accuracy. The network’s behavior is then analyzed, to discover sequences used by the model to identify SARS-CoV-2, ultimately uncovering sequences exclusive to it. The discovered sequences are validated on samples from the National Center for Biotechnology Information and Global Initiative on Sharing All Influenza Data repositories, and are proven to be able to separate SARS-CoV-2 from different virus strains with near-perfect accuracy. Next, one of the sequences is selected to generate a primer set, and tested against other state-of-the-art primer sets, obtaining competitive results. Finally, the primer is synthesized and tested on patient samples (n = 6 previously tested positive), delivering a sensitivity similar to routine diagnostic methods, and 100% specificity. The proposed methodology has a substantial added value over existing methods, as it is able to both automatically identify promising primer sets for a virus from a limited amount of data, and deliver effective results in a minimal amount of time. Considering the possibility of future pandemics, these characteristics are invaluable to promptly create specific detection methods for diagnostics.

Download Full-text

A Survey of Intrusion Detection Using Deep Learning in Internet of Things

Iraqi Journal for Computer Science and Mathematics ◽

10.52866/ijcsm.2022.01.01.009 ◽

2022 ◽

pp. 83-93

Author(s):

baraa I. Farhan ◽

Ammar D.Jasim

Keyword(s):

Deep Learning ◽

Internet Of Things ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Accuracy Measurement ◽

Malicious Behavior ◽

Normal Behavior ◽

Secure Network ◽

Real Traffic

The use of deep learning in various models is a powerful tool in detecting IoT attacks, identifying new types of intrusion to access a better secure network. Need to developing an intrusion detection system to detect and classify attacks in appropriate time and automated manner increases especially due to the use of IoT and the nature of its data that causes increasing in attacks. Malicious attacks are continuously changing, that cause new attacks. In this paper we present a survey about the detection of anomalies, thus intrusion detection by distinguishing between normal behavior and malicious behavior while analyzing network traffic to discover new attacks. This paper surveys previous researches by evaluating their performance through two categories of new datasets of real traffic are (CSE-CIC-IDS2018 dataset, Bot-IoT dataset). To evaluate the performance we show accuracy measurement for detect intrusion in different systems.

Download Full-text

A Survey of Deep Learning Techniques for Misuse-Based Intrusion Detection Systems

10.21203/rs.3.rs-208981/v1 ◽

2021 ◽

Author(s):

Jan Lansky ◽

Mokhtar Mohammadi ◽

Adil Hussein Mohammed ◽

Sarkhel H.Taher Karim ◽

Shima Rashidi ◽

...

Keyword(s):

Deep Learning ◽

Intrusion Detection ◽

Computer Networks ◽

Intrusion Detection Systems ◽

Complete Analysis ◽

Learning Networks ◽

Learning Methods ◽

Detection Systems ◽

Learning Techniques

Abstract The ever-increasing complication and severity of the computer networks' security attacks have inspired security researchers to apply various machine learning methods to protect the organizations' data and reputation. Deep learning is one of the exciting techniques that recently have been widely used by intrusion detection systems (IDS) to secure computer networks and hosts' performance. This survey article focuses on the signature-based IDS using deep learning techniques and puts forward an in-depth survey and classification of these schemes. For this purpose, it first presents the essential background concepts about IDS architecture and various deep learning techniques. It then classifies these schemes according to the type of deep learning methods applied in each of them. It describes how deep learning networks are utilized in the misuse detection process to recognize intrusions accurately. Finally, a complete analysis of the investigated IDS frameworks is provided, and concluding remarks and future directions are highlighted.

Download Full-text

A Hybrid NIDS Model Using Artificial Neural Network and D-S Evidence

Deep Learning and Neural Networks ◽

10.4018/978-1-7998-0414-7.ch027 ◽

2020 ◽

pp. 477-488

Author(s):

Chunlin Lu ◽

Yue Li ◽

Mingjie Ma ◽

Na Li

Keyword(s):

Neural Network ◽

Intrusion Detection ◽

Bp Neural Network ◽

False Positive Rate ◽

Detection Methods ◽

Training Time ◽

Dempster Shafer Theory ◽

Positive Rate ◽

Artificial Neural ◽

Shafer Theory

Artificial Neural Networks (ANNs), especially back-propagation (BP) neural network, can improve the performance of intrusion detection systems. However, for the current network intrusion detection methods, the detection precision, especially for low-frequent attacks, detection stability and training time are still needed to be enhanced. In this paper, a new model which based on optimized BP neural network and Dempster-Shafer theory to solve the above problems and help NIDS to achieve higher detection rate, less false positive rate and stronger stability. The general process of the authors' model is as follows: firstly dividing the main extracted feature into several different feature subsets. Then, based on different feature subsets, different ANN models are trained to build the detection engine. Finally, the D-S evidence theory is employed to integration these results, and obtain the final result. The effectiveness of this method is verified by experimental simulation utilizing KDD Cup1999 dataset.

Download Full-text