An Efficient Intrusion Detection System Using Improved Bias Based Convolutional Neural Network Classifier

Today’s modern society has faced many challenges due to the rapid digitization and growing number of hackers, which makes the networking-based systems to become a target place for intruders. The attacks may allure the users, and it compromised the whole system and makes the security the biggest challenge. In this regard, the best way to combat the issues is by exploring new ways to defend the network against threats. More recently, Intrusion Detection Systems (IDS) is a key enabling technology in maintaining the novel network security. Indeed, some existing systems utilize Improved Relevance Vector Machine (IVRM) classifier for performing intrusion detection in network-based systems. In this work, feature selection is done by using Gaussian Firefly Algorithm and Improved Relevance Vector Machine (IRVM) based classification is performed according to the selected features. However, for large-scale intrusion dataset, the intrusion detection is not robust; hence, it leads to high attack rates. The proposed system designed an Improved Bias based Convolutional Neural Network (ICNN) for high attack intrusion detection. For embracing high-security factors and enhanced protection, the proposed system performs three phases, such as preprocessing, feature selection, and classification. The first phase employs the KDD dataset and Kalman filtering method followed by feature selection utilizes Inertia Weight based Dragonfly Algorithm (IWDA) and finally identified the intrusion attacks using Improved Bias based Convolutional Neural Network (IBCNN) classifier. In this work, a novel model performed with the KDD dataset. The suggested method evaluated in terms of accuracy, f-measure, recall, and precision for examining performance compared with existing systems.

Download Full-text

TR-IDS: Anomaly-Based Intrusion Detection through Text-Convolutional Neural Network and Random Forest

Security and Communication Networks ◽

10.1155/2018/4943509 ◽

2018 ◽

Vol 2018 ◽

pp. 1-9 ◽

Cited By ~ 22

Author(s):

Erxue Min ◽

Jun Long ◽

Qiang Liu ◽

Jianjing Cui ◽

Wei Chen

Keyword(s):

Neural Network ◽

Random Forest ◽

Intrusion Detection ◽

Convolutional Neural Network ◽

Detection System ◽

Statistical Features ◽

Detection Systems ◽

Network Intrusion ◽

Network Intrusion Detection Systems ◽

Packet Header

As we head towards the IoT (Internet of Things) era, protecting network infrastructures and information security has become increasingly crucial. In recent years, Anomaly-Based Network Intrusion Detection Systems (ANIDSs) have gained extensive attention for their capability of detecting novel attacks. However, most ANIDSs focus on packet header information and omit the valuable information in payloads, despite the fact that payload-based attacks have become ubiquitous. In this paper, we propose a novel intrusion detection system named TR-IDS, which takes advantage of both statistical features and payload features. Word embedding and text-convolutional neural network (Text-CNN) are applied to extract effective information from payloads. After that, the sophisticated random forest algorithm is performed on the combination of statistical features and payload features. Extensive experimental evaluations demonstrate the effectiveness of the proposed methods.

Download Full-text

DCNN-IDS : Deep Convolutional Neural Network based Intrusion Detection System

10.36227/techrxiv.12151734.v1 ◽

2020 ◽

Author(s):

Sriram Srinivasan ◽

Shashank A ◽

vinayakumar R ◽

Soman KP

Keyword(s):

Neural Network ◽

Intrusion Detection ◽

Convolutional Neural Network ◽

Intrusion Detection System ◽

Input Data ◽

Detection System ◽

Deep Convolutional Neural Network ◽

Traffic Data ◽

Data Set ◽

Research Problems

In the present era, cyberspace is growing tremendously and the intrusion detection system (IDS) plays a key role in it to ensure information security. The IDS, which works in network and host level, should be capable of identifying various malicious attacks. The job of network-based IDS is to differentiate between normal and malicious traffic data and raise an alert in case of an attack. Apart from the traditional signature and anomaly-based approaches, many researchers have employed various deep learning (DL) techniques for detecting intrusion as DL models are capable of extracting salient features automatically from the input data. The application of deep convolutional neural network (DCNN), which is utilized quite often for solving research problems in image processing and vision fields, is not explored much for IDS. In this paper, a DCNN architecture for IDS which is trained on KDDCUP 99 data set is proposed. This work also shows that the DCNN-IDS model performs superior when compared with other existing works.

Download Full-text

Lightweight Convolutional Neural Network Based Intrusion Detection System

Journal of Communications ◽

10.12720/jcm.15.11.808-817 ◽

2020 ◽

pp. 808-817

Author(s):

Vinh Pham ◽

◽

Eunil Seo ◽

Tai-Myoung Chung

Keyword(s):

Neural Network ◽

Machine Learning ◽

Intrusion Detection ◽

Convolutional Neural Network ◽

Network Traffic ◽

Detection System ◽

Image Data ◽

Training Data ◽

Deep Packet Inspection ◽

Detection Model

Identifying threats contained within encrypted network traffic poses a great challenge to Intrusion Detection Systems (IDS). Because traditional approaches like deep packet inspection could not operate on encrypted network traffic, machine learning-based IDS is a promising solution. However, machine learning-based IDS requires enormous amounts of statistical data based on network traffic flow as input data and also demands high computing power for processing, but is slow in detecting intrusions. We propose a lightweight IDS that transforms raw network traffic into representation images. We begin by inspecting the characteristics of malicious network traffic of the CSE-CIC-IDS2018 dataset. We then adapt methods for effectively representing those characteristics into image data. A Convolutional Neural Network (CNN) based detection model is used to identify malicious traffic underlying within image data. To demonstrate the feasibility of the proposed lightweight IDS, we conduct three simulations on two datasets that contain encrypted traffic with current network attack scenarios. The experiment results show that our proposed IDS is capable of achieving 95% accuracy with a reasonable detection time while requiring relatively small size training data.

Download Full-text

Fusion of Feature Selection and Random Forest for an Anomaly-Based Intrusion Detection System

Journal of Computational and Theoretical Nanoscience ◽

10.1166/jctn.2019.8332 ◽

2019 ◽

Vol 16 (8) ◽

pp. 3603-3607 ◽

Cited By ~ 1

Author(s):

Shraddha Khonde ◽

V. Ulagamuthalvi

Keyword(s):

Feature Selection ◽

Random Forest ◽

Intrusion Detection ◽

Real Time ◽

Intrusion Detection System ◽

New Technologies ◽

Detection System ◽

Sensitive Data ◽

Detection Systems ◽

New Type

Considering current network scenario hackers and intruders has become a big threat today. As new technologies are emerging fast, extensive use of these technologies and computers, what plays an important role is security. Most of the computers in network can be easily compromised with attacks. Big issue of concern is increase in new type of attack these days. Security to the sensitive data is very big threat to deal with, it need to consider as high priority issue which should be addressed immediately. Highly efficient Intrusion Detection Systems (IDS) are available now a days which detects various types of attacks on network. But we require the IDS which is intelligent enough to detect and analyze all type of new threats on the network. Maximum accuracy is expected by any of this intelligent intrusion detection system. An Intrusion Detection System can be hardware or software that analyze and monitors all activities of network to detect malicious activities happened inside the network. It also informs and helps administrator to deal with malicious packets, which if enters in network can harm more number of computers connected together. In our work we have implemented an intellectual IDS which helps administrator to analyze real time network traffic. IDS does it by classifying packets entering into the system as normal or malicious. This paper mainly focus on techniques used for feature selection to reduce number of features from KDD-99 dataset. This paper also explains algorithm used for classification i.e., Random Forest which works with forest of trees to classify real time packet as normal or malicious. Random forest makes use of ensembling techniques to give final output which is derived by combining output from number of trees used to create forest. Dataset which is used while performing experiments is KDD-99. This dataset is used to train all trees to get more accuracy with help of random forest. From results achieved we can observe that random forest algorithm gives more accuracy in distributed network with reduced false alarm rate.

Download Full-text

Network security intrusion detection system based on incremental improved convolutional neural network model

2016 International Conference on Communication and Electronics Systems (ICCES) ◽

10.1109/cesys.2016.7889881 ◽

2016 ◽

Cited By ~ 1

Author(s):

Chao Deng ◽

Haiye Qiao

Keyword(s):

Neural Network ◽

Network Security ◽

Intrusion Detection ◽

Convolutional Neural Network ◽

Network Model ◽

Neural Network Model ◽

Intrusion Detection System ◽

Detection System

Download Full-text

Network Attacks Detection by Hierarchical Neural Network

Computer Engineering and Applications Journal ◽

10.18495/comengapp.v4i2.108 ◽

2015 ◽

Vol 4 (2) ◽

pp. 119-132

Author(s):

Mohammad Masoud Javidi

Keyword(s):

Neural Network ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Single Agent ◽

Attack Detection ◽

Intrusion Detection Systems ◽

Training Dataset ◽

Detection Systems ◽

Combination Of Classifiers

Intrusion detection is an emerging area of research in the computer security and net-works with the growing usage of internet in everyday life. Most intrusion detection systems (IDSs) mostly use a single classifier algorithm to classify the network traffic data as normal behavior or anomalous. However, these single classifier systems fail to provide the best possible attack detection rate with low false alarm rate. In this paper,we propose to use a hybrid intelligent approach using a combination of classifiers in order to make the decision intelligently, so that the overall performance of the resul-tant model is enhanced. The general procedure in this is to follow the supervised or un-supervised data filtering with classifier or cluster first on the whole training dataset and then the output are applied to another classifier to classify the data. In this re- search, we applied Neural Network with Supervised and Unsupervised Learning in order to implement the intrusion detection system. Moreover, in this project, we used the method of Parallelization with real time application of the system processors to detect the systems intrusions.Using this method enhanced the speed of the intrusion detection. In order to train and test the neural network, NSLKDD database was used. Creating some different intrusion detection systems, each of which considered as a single agent, we precisely proceeded with the signature-based intrusion detection of the network.In the proposed design, the attacks have been classified into 4 groups and each group is detected by an Agent equipped with intrusion detection system (IDS).These agents act independently and report the intrusion or non-intrusion in the system; the results achieved by the agents will be studied in the Final Analyst and at last the analyst reports that whether there has been an intrusion in the system or not.Keywords: Intrusion Detection, Multi-layer Perceptron, False Positives, Signature- based intrusion detection, Decision tree, Nave Bayes Classifier

Download Full-text

An Approach for Host-Based Intrusion Detection System Design Using Convolutional Neural Network

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering - Mobile Networks and Management ◽

10.1007/978-3-319-90775-8_10 ◽

2018 ◽

pp. 116-126 ◽

Cited By ~ 3

Author(s):

Nam Nhat Tran ◽

Ruhul Sarker ◽

Jiankun Hu

Keyword(s):

Neural Network ◽

Intrusion Detection ◽

Convolutional Neural Network ◽

System Design ◽

Intrusion Detection System ◽

Detection System

Download Full-text

DCNN-IDS : Deep Convolutional Neural Network based Intrusion Detection System

10.36227/techrxiv.12151734 ◽

2020 ◽

Author(s):

Sriram Srinivasan ◽

Shashank A ◽

vinayakumar R ◽

Soman KP

Keyword(s):

Neural Network ◽

Intrusion Detection ◽

Convolutional Neural Network ◽

Intrusion Detection System ◽

Input Data ◽

Detection System ◽

Deep Convolutional Neural Network ◽

Traffic Data ◽

Data Set ◽

Research Problems

Download Full-text

Classification of Intrusion using Artificial Neural Network with GWO

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.d7597.049420 ◽

2020 ◽

Vol 9 (4) ◽

pp. 599-606

Keyword(s):

Neural Network ◽

Artificial Neural Network ◽

Intrusion Detection ◽

Detection System ◽

Denial Of Service ◽

Data Set ◽

Detection Systems ◽

Network Intrusion ◽

Network Intrusion Detection Systems ◽

Artificial Neural

In the present milieu of connected world, where security is the major concern, Intrusion Detection System is the prominent area of research to deal with various types of attacks in network. Intrusion detection systems (IDS) finds the dynamic and malicious traffic of network, in accordance to the aspect of network. Various form of IDS has been developed working on distinctive approaches. One popular approach is machine learning in which various algorithms like ANN, SVM etc. have been used. But the most prominent method used is ANN. The performance of the ANN can significantly be improved by combining it with different metaheuristic algorithms. In present work, GWO is used to optimize ANN. For this KDD-99 data-set is used to classify various types of attacks i.e. denial of service (DOS), normal and other form of attack. The present paper provides detailed analysis of the performance of Artificial Neural Network and optimized Artificial Neural Network with GA, PSO and GWO. The research shows that ANN with GWO outperform as compared to others (ANN, ANN with PSO and ANN with GA).

Download Full-text