Attack classification of an intrusion detection system using deep learning and

被引:118
作者
Novaria Kunang, Yesi [1 ,2 ,5 ]
Nurmaini, Siti [2 ]
Stiawan, Deris [3 ]
Suprapto, Bhakti Yudho [4 ]
机构
[1] Univ Sriwijaya, Fac Engn, Doctoral Engn Dept, Palembang, Indonesia
[2] Univ Sriwijaya, Fac Comp Sci, Intelligent Syst Res Grp, Palembang, Indonesia
[3] Univ Sriwijaya, Fac Comp Sci, Comp Networking & Informat Syst, Palembang, Indonesia
[4] Univ Sriwijaya, Fac Engn, Elect Engn Dept, Palembang, Indonesia
[5] Univ Bina Darma, Fac Comp Sci, Palembang, Indonesia
来源
JOURNAL OF INFORMATION SECURITY AND APPLICATIONS | 2021年 / 58卷
关键词
Intrusion detection system; Deep learning; Hyperparameter optimization; Multiclass classification; SPARSE AUTOENCODER; NETWORKS; INTERNET; IOT;
D O I
10.1016/j.jisa.2021.102804
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
A network intrusion detection system (NIDS) is a solution that mitigates the threat of attacks on a network. The success of a NIDS depends on the success of its algorithm and the performance of its method in recognizing attacks. We propose a deep learning intrusion detection system (IDS) using a pretraining approach with deep autoencoder (PTDAE) combined with a deep neural network (DNN). Models were developed using hyperparameter optimization procedures. This research provides an alternative solution to deep learning structure models through an automatic hyperparameter optimization process that combines grid search and random search techniques. The automated hyperparameter optimization process helps determine the value of hyperparameters and the best categorical hyperparameter configuration to improve detection performance. The proposed model was tested on the NSL-KDD, and CSE-CIC-ID2018 datasets. In the pretraining phase, we present the results of applying our technique to three feature extraction methods: deep autoencoder (DAE), autoencoder (AE), and stack autoencoder (SAE). The best results are obtained for the DAE method. These performance results also successfully outperform previous approaches in terms of performance metrics in multiclass classification.
引用
收藏
页数:15
相关论文
共 78 条
[1]   A Survey of Machine and Deep Learning Methods for Internet of Things (IoT) Security [J].
Al-Garadi, Mohammed Ali ;
Mohamed, Amr ;
Al-Ali, Abdulla Khalid ;
Du, Xiaojiang ;
Ali, Ihsan ;
Guizani, Mohsen .
IEEE COMMUNICATIONS SURVEYS AND TUTORIALS, 2020, 22 (03) :1646-1685
[2]   Identification of malicious activities in industrial internet of things based on deep learning models [J].
AL-Hawawreh, Muna ;
Moustafa, Nour ;
Sitnikova, Elena .
JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2018, 41 :1-11
[3]   Deep Learning Approach Combining Sparse Autoencoder With SVM for Network Intrusion Detection [J].
Al-Qatf, Majjed ;
Yu Lasheng ;
Al-Habib, Mohammed ;
Al-Sabahi, Kamal .
IEEE ACCESS, 2018, 6 :52843-52856
[4]   An evaluation of the performance of Restricted Boltzmann Machines as a model for anomaly network intrusion detection [J].
Aldwairi, Tamer ;
Perera, Dilina ;
Novotny, Mark A. .
COMPUTER NETWORKS, 2018, 144 :111-119
[5]  
[Anonymous], 2018, A taxonomy and survey of intrusion detection system design techniques, network threats and datasets
[6]  
[Anonymous], 2014, Evaluating Learning Algorithms A Classification Perspective, DOI DOI 10.1017/CBO9780511921803
[7]  
[Anonymous], 2018, P INNOVATIVE SECURIT
[8]  
Bengio Yoshua, 2012, Neural Networks: Tricks of the Trade. Second Edition: LNCS 7700, P437, DOI 10.1007/978-3-642-35289-8_26
[9]  
Bergstra J, 2012, J MACH LEARN RES, V13, P281
[10]  
Clevert D.-A., 2015, 4 INT C LEARN REPR I
12345678