scholarly journals CNN-Based Network Intrusion Detection against Denial-of-Service Attacks

Electronics ◽  
2020 ◽  
Vol 9 (6) ◽  
pp. 916 ◽  
Author(s):  
Jiyeon Kim ◽  
Jiwon Kim ◽  
Hyunjung Kim ◽  
Minsun Shim ◽  
Eunjung Choi
Keyword(s):  
Neural Network ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Denial Of Service ◽  
Intrusion Detection Systems ◽  
Network Intrusion Detection ◽  
National Defense ◽  
Dos Attacks ◽  
Detection Systems ◽  
Network Intrusion

As cyberattacks become more intelligent, it is challenging to detect advanced attacks in a variety of fields including industry, national defense, and healthcare. Traditional intrusion detection systems are no longer enough to detect these advanced attacks with unexpected patterns. Attackers bypass known signatures and pretend to be normal users. Deep learning is an alternative to solving these issues. Deep Learning (DL)-based intrusion detection does not require a lot of attack signatures or the list of normal behaviors to generate detection rules. DL defines intrusion features by itself through training empirical data. We develop a DL-based intrusion model especially focusing on denial of service (DoS) attacks. For the intrusion dataset, we use KDD CUP 1999 dataset (KDD), the most widely used dataset for the evaluation of intrusion detection systems (IDS). KDD consists of four types of attack categories, such as DoS, user to root (U2R), remote to local (R2L), and probing. Numerous KDD studies have been employing machine learning and classifying the dataset into the four categories or into two categories such as attack and benign. Rather than focusing on the broad categories, we focus on various attacks belonging to same category. Unlike other categories of KDD, the DoS category has enough samples for training each attack. In addition to KDD, we use CSE-CIC-IDS2018 which is the most up-to-date IDS dataset. CSE-CIC-IDS2018 consists of more advanced DoS attacks than that of KDD. In this work, we focus on the DoS category of both datasets and develop a DL model for DoS detection. We develop our model based on a Convolutional Neural Network (CNN) and evaluate its performance through comparison with an Recurrent Neural Network (RNN). Furthermore, we suggest the optimal CNN design for the better performance through numerous experiments.

Improving Performance and Convergence Rates in Multi-Layer Feed Forward Neural Network Intrusion Detection Systems

2014 ◽  
Vol 5 (3) ◽  
pp. 24-36 ◽  
Author(s):  
Loye Lynn Ray ◽  
Henry Felch
Keyword(s):  
Neural Network ◽  
Intrusion Detection ◽  
Convergence Rates ◽  
Intrusion Detection Systems ◽  
Network Intrusion Detection ◽  
Review Of The Literature ◽  
Feed Forward Neural Network ◽  
Detection Systems ◽  
Network Intrusion ◽  
Network Intrusion Detection Systems

Today's anomaly-based network intrusion detection systems (IDSs) are plagued with detecting new and unknown attacks. The review of the literature builds ideas for researching the problem of detecting these attacks using multi-layered feed forward neural network (MLFFNN) IDSs. The scope of the paper focused on a review of the literature from primarily 2008 to the present found in peer-review and scholarly journals. A key word search was used to compare and contrast the literature to find strengths, weaknesses and gaps. The significance of the research found that further work is needed to improve the performance and convergence rates of MLFFNN IDSs. This literature review contributes to the area of intrusion detection by looking at the effects of architecture, algorithms, and input data on the performance and convergence rates of MLFFNN IDSs.

scholarly journals Comparison of Machine Learning and Deep Learning Models for Network Intrusion Detection Systems

2020 ◽  
Vol 12 (10) ◽  
pp. 167
Author(s):  
Niraj Thapa ◽  
Zhipeng Liu ◽  
Dukka B. KC ◽  
Balakrishna Gokaraju ◽  
Kaushik Roy
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Detection Rate ◽  
Intrusion Detection Systems ◽  
Network Intrusion Detection ◽  
High Detection Rate ◽  
Detection Systems ◽  
Network Intrusion ◽  
High Detection

The development of robust anomaly-based network detection systems, which are preferred over static signal-based network intrusion, is vital for cybersecurity. The development of a flexible and dynamic security system is required to tackle the new attacks. Current intrusion detection systems (IDSs) suffer to attain both the high detection rate and low false alarm rate. To address this issue, in this paper, we propose an IDS using different machine learning (ML) and deep learning (DL) models. This paper presents a comparative analysis of different ML models and DL models on Coburg intrusion detection datasets (CIDDSs). First, we compare different ML- and DL-based models on the CIDDS dataset. Second, we propose an ensemble model that combines the best ML and DL models to achieve high-performance metrics. Finally, we benchmarked our best models with the CIC-IDS2017 dataset and compared them with state-of-the-art models. While the popular IDS datasets like KDD99 and NSL-KDD fail to represent the recent attacks and suffer from network biases, CIDDS, used in this research, encompasses labeled flow-based data in a simulated office environment with both updated attacks and normal usage. Furthermore, both accuracy and interpretability must be considered while implementing AI models. Both ML and DL models achieved an accuracy of 99% on the CIDDS dataset with a high detection rate, low false alarm rate, and relatively low training costs. Feature importance was also studied using the Classification and regression tree (CART) model. Our models performed well in 10-fold cross-validation and independent testing. CART and convolutional neural network (CNN) with embedding achieved slightly better performance on the CIC-IDS2017 dataset compared to previous models. Together, these results suggest that both ML and DL methods are robust and complementary techniques as an effective network intrusion detection system.

Sign in / Sign up

Export Citation Format

Share Document