A Comparison of Neural-Network-Based Intrusion Detection against Signature-Based Detection in IoT Networks

被引:3
作者
Schroetter, Max [1 ]
Niemann, Andreas [1 ]
Schnor, Bettina [1 ]
机构
[1] Univ Potsdam, Dept Comp Sci, D-14476 Potsdam, Germany
关键词
IDS; dataset; deep learning; signature-based-IDS; IoT;
D O I
10.3390/info15030164
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Over the last few years, a plethora of papers presenting machine-learning-based approaches for intrusion detection have been published. However, the majority of those papers do not compare their results with a proper baseline of a signature-based intrusion detection system, thus violating good machine learning practices. In order to evaluate the pros and cons of the machine-learning-based approach, we replicated a research study that uses a deep neural network model for intrusion detection. The results of our replicated research study expose several systematic problems with the used datasets and evaluation methods. In our experiments, a signature-based intrusion detection system with a minimal setup was able to outperform the tested model even under small traffic changes. Testing the replicated neural network on a new dataset recorded in the same environment with the same attacks using the same tools showed that the accuracy of the neural network dropped to 54%. Furthermore, the often-claimed advantage of being able to detect zero-day attacks could not be seen in our experiments.
引用
收藏
页数:26
相关论文
共 72 条
[11]   Federated Learning for Network Intrusion Detection in Ambient Assisted Living Environments [J].
Cholakoska, Ana ;
Gjoreski, Hristijan ;
Rakovic, Valentin ;
Denkovski, Daniel ;
Kalendar, Marija ;
Pfitzner, Bjarne ;
Arnrich, Bert .
IEEE INTERNET COMPUTING, 2023, 27 (04) :15-22
[12]   ARTEMIS: An Intrusion Detection System for MQTT Attacks in Internet of Things [J].
Ciklabakkal, Ege ;
Donmez, Ataberk ;
Erdemir, Mert ;
Suren, Emre ;
Yilmaz, Mert Kaan ;
Angin, Pelin .
2019 IEEE 38TH INTERNATIONAL SYMPOSIUM ON RELIABLE DISTRIBUTED SYSTEMS (SRDS 2019), 2019, :369-371
[13]  
Dambra Savino, 2023, arXiv
[14]   Overview on Intrusion Detection Systems Design Exploiting Machine Learning for Networking Cybersecurity [J].
Dini, Pierpaolo ;
Elhanashi, Abdussalam ;
Begni, Andrea ;
Saponara, Sergio ;
Zheng, Qinghe ;
Gasmi, Kaouther .
APPLIED SCIENCES-BASEL, 2023, 13 (13)
[15]  
docs.snort, Snort Snort 3 Rule Writing Guide
[16]   Troubleshooting an Intrusion Detection Dataset: the CICIDS2017 Case Study [J].
Engelen, Gints ;
Rimmer, Vera ;
Joosen, Wouter .
2021 IEEE SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS (SPW 2021), 2021, :7-12
[17]   Deep Learning-based Intrusion Detection for IoT Networks [J].
Ge, Mengmeng ;
Fu, Xiping ;
Syed, Naeem ;
Baig, Zubair ;
Teo, Gideon ;
Robles-Kelly, Antonio .
2019 IEEE 24TH PACIFIC RIM INTERNATIONAL SYMPOSIUM ON DEPENDABLE COMPUTING (PRDC 2019), 2019, :256-265
[18]  
Gharib M, 2019, Arxiv, DOI arXiv:1911.03306
[19]   High Performance Network Metadata Extraction Using P4 for ML-based Intrusion Detection Systems [J].
Gray, Nicholas ;
Dietz, Katharina ;
Seufert, Michael ;
Hossfeld, Tobias .
2021 IEEE 22ND INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE SWITCHING AND ROUTING (IEEE HPSR), 2021,
[20]  
Heuse M., 2005, THC IPv6 Attack Tool Kit