scholarly journals A Residual Learning-Based Network Intrusion Detection System

2021 ◽  
Vol 2021 ◽  
pp. 1-9
Author(s):  
Jiarui Man ◽  
Guozi Sun
Keyword(s):  
Neural Networks ◽  
Intrusion Detection ◽  
Detection System ◽  
Attack Detection ◽  
Network Intrusion Detection ◽  
Detection Accuracy ◽  
Class Imbalance Problem ◽  
Data Set ◽  
Residual Learning ◽  
Network Intrusion

Neural networks have been proved to perform well in network intrusion detection. In order to acquire better features of network traffic, more learning layers are necessarily required. However, according to the results of the previous research, adding layers to the neural networks might fail to improve the classification results. In fact, after the number of layers has reached a certain threshold, performance of the model tends to degrade. In this paper, we propose a network intrusion detection model based on residual learning. After transforming the UNSW-NB15 data set into images, deeper convolutional neural networks with residual blocks are built to learn more critical features. Instead of the cross-entropy loss function, the modified focal loss is calculated to address the class imbalance problem in the training set and identify minor attacks in the testing set. Batch normalization and global average pooling are used to avoid overfitting and enhance the model. Experimental results show that the proposed model can improve attack detection accuracy compared with existing models.

scholarly journals HCRNNIDS: Hybrid Convolutional Recurrent Neural Network-Based Network Intrusion Detection System

Processes ◽  
2021 ◽  
Vol 9 (5) ◽  
pp. 834
Author(s):  
Muhammad Ashfaq Khan
Keyword(s):  
Neural Network ◽  
Intrusion Detection ◽  
Recurrent Neural Network ◽  
Intrusion Detection System ◽  
Detection System ◽  
Attack Detection ◽  
Network Intrusion Detection ◽  
Complex Nature ◽  
Network Intrusion ◽  
Network Intrusion Detection System

Nowadays, network attacks are the most crucial problem of modern society. All networks, from small to large, are vulnerable to network threats. An intrusion detection (ID) system is critical for mitigating and identifying malicious threats in networks. Currently, deep learning (DL) and machine learning (ML) are being applied in different domains, especially information security, for developing effective ID systems. These ID systems are capable of detecting malicious threats automatically and on time. However, malicious threats are occurring and changing continuously, so the network requires a very advanced security solution. Thus, creating an effective and smart ID system is a massive research problem. Various ID datasets are publicly available for ID research. Due to the complex nature of malicious attacks with a constantly changing attack detection mechanism, publicly existing ID datasets must be modified systematically on a regular basis. So, in this paper, a convolutional recurrent neural network (CRNN) is used to create a DL-based hybrid ID framework that predicts and classifies malicious cyberattacks in the network. In the HCRNNIDS, the convolutional neural network (CNN) performs convolution to capture local features, and the recurrent neural network (RNN) captures temporal features to improve the ID system’s performance and prediction. To assess the efficacy of the hybrid convolutional recurrent neural network intrusion detection system (HCRNNIDS), experiments were done on publicly available ID data, specifically the modern and realistic CSE-CIC-DS2018 data. The simulation outcomes prove that the proposed HCRNNIDS substantially outperforms current ID methodologies, attaining a high malicious attack detection rate accuracy of up to 97.75% for CSE-CIC-IDS2018 data with 10-fold cross-validation.

Enhance Network Intrusion Detection System by Exploiting BR Algorithm as an Optimal Feature Selection

2015 ◽  
pp. 17-32 ◽  
Author(s):  
Soukaena Hassan Hashem
Keyword(s):  
Intrusion Detection ◽  
Wireless Network ◽  
Intrusion Detection System ◽  
Missing Values ◽  
Detection System ◽  
Network Intrusion Detection ◽  
Wireless Data ◽  
Data Set ◽  
Network Intrusion ◽  
Network Intrusion Detection System

This chapter aims to build a proposed Wire/Wireless Network Intrusion Detection System (WWNIDS) to detect intrusions and consider many of modern attacks which are not taken in account previously. The proposal WWNIDS treat intrusion detection with just intrinsic features but not all of them. The dataset of WWNIDS will consist of two parts; first part will be wire network dataset which has been constructed from KDD'99 that has 41 features with some modifications to produce the proposed dataset that called modern KDD and to be reliable in detecting intrusion by suggesting three additional features. The second part will be building wireless network dataset by collecting thousands of sessions (normal and intrusion); this proposed dataset is called Constructed Wireless Data Set (CWDS). The preprocessing process will be done on the two datasets (KDD & CWDS) to eliminate some problems that affect the detection of intrusion such as noise, missing values and duplication.

scholarly journals Deep Stacking Network for Intrusion Detection

Sensors ◽  
2021 ◽  
Vol 22 (1) ◽  
pp. 25
Author(s):  
Yifan Tang ◽  
Lize Gu ◽  
Leiting Wang
Keyword(s):  
Intrusion Detection ◽  
Decision Tree ◽  
Classification Accuracy ◽  
Intrusion Detection System ◽  
Detection System ◽  
Detection Performance ◽  
Network Intrusion Detection ◽  
Fusion Model ◽  
Data Set ◽  
Network Intrusion

Preventing network intrusion is the essential requirement of network security. In recent years, people have conducted a lot of research on network intrusion detection systems. However, with the increasing number of advanced threat attacks, traditional intrusion detection mechanisms have defects and it is still indispensable to design a powerful intrusion detection system. This paper researches the NSL-KDD data set and analyzes the latest developments and existing problems in the field of intrusion detection technology. For unbalanced distribution and feature redundancy of the data set used for training, some training samples are under-sampling and feature selection processing. To improve the detection effect, a Deep Stacking Network model is proposed, which combines the classification results of multiple basic classifiers to improve the classification accuracy. In the experiment, we screened and compared the performance of various mainstream classifiers and found that the four models of the decision tree, k-nearest neighbors, deep neural network and random forests have outstanding detection performance and meet the needs of different classification effects. Among them, the classification accuracy of the decision tree reaches 86.1%. The classification effect of the Deeping Stacking Network, a fusion model composed of four classifiers, has been further improved and the accuracy reaches 86.8%. Compared with the intrusion detection system of other research papers, the proposed model effectively improves the detection performance and has made significant improvements in network intrusion detection.

scholarly journals Intrusion Detecting System Based on Temporal Convolutional Network for In-Vehicle CAN Networks

2021 ◽  
Vol 2021 ◽  
pp. 1-13
Author(s):  
Dongxian Shi ◽  
Ming Xu ◽  
Ting Wu ◽  
Liang Kou
Keyword(s):  
Neural Networks ◽  
Intrusion Detection ◽  
Detection System ◽  
Learning Theories ◽  
Network Intrusion Detection ◽  
Convolutional Network ◽  
Detection Model ◽  
Network Intrusion ◽  
Complicated Model ◽  
Abnormal Points

In recent years, deep learning theories, such as Recurrent Neural Networks (RNN) and Convolutional Neural Networks (CNN), have been applied as effective methods for intrusion detection in the vehicle CAN network. However, the existing RNNs realize detection by establishing independent models for each CAN ID, which are unable to learn the potential characteristics of different IDs well, and have relatively complicated model structure and high calculation time cost. CNNs can achieve rapid detection by learning the characteristics of normal and attack CAN ID sequences and exhibit good performance, but the current methods do not locate abnormal points in the sequence. To solve the above problems, this paper proposes an in-vehicle CAN network intrusion detection model based on Temporal Convolutional Network, which is called Temporal Convolutional Network-Based Intrusion Detection System (TCNIDS). In TCNIDS, the CAN ID is serialized into a natural language sequence and a word vector is constructed for each CAN ID through the word embedding coding method to reduce the data dimension. At the same time, TCNIDS uses the parameterized Relu method to improve the temporal convolutional network, which can better learn the potential features of the normal sequence. The TCNIDS model has a simple structure and realizes the point anomaly detection at the message level by predicting the future sequence of normal CAN data and setting the probability strategy. The experimental results show that the overall detection rate, false alarm rate, and accuracy rate of TCNIDS under fuzzy attack, spoofing attack, and DoS attack are higher than those of the traditional temporal convolutional network intrusion detection model.

scholarly journals A Detailed Analysis of Benchmark Datasets for Network Intrusion Detection System

2021 ◽  
pp. 14-33
Author(s):  
Mossa Ghurab ◽  
Ghaleb Gaphari ◽  
Faisal Alshami ◽  
Reem Alshamy ◽  
Suad Othman
Keyword(s):  
Intrusion Detection ◽  
Detailed Analysis ◽  
Intrusion Detection System ◽  
Network Flow ◽  
Detection System ◽  
Attack Detection ◽  
Network Intrusion Detection ◽  
Detection Techniques ◽  
Network Intrusion ◽  
Network Intrusion Detection System

The enormous increase in the use of the Internet in daily life has provided an opportunity for the intruder attempt to compromise the security principles of availability, confidentiality, and integrity. As a result, organizations are working to increase the level of security by using attack detection techniques such as Network Intrusion Detection System (NIDS), which monitors and analyzes network flow and attacks detection. There are a lot of researches proposed to develop the NIDS and depend on the dataset for the evaluation. Datasets allow evaluating the ability in detecting intrusion behavior. This paper introduces a detailed analysis of benchmark and recent datasets for NIDS. Specifically, we describe eight well-known datasets that include: KDD99, NSL-KDD, KYOTO 2006+, ISCX2012, UNSW-NB 15, CIDDS-001, CICIDS2017, and CSE-CIC-IDS2018. For each dataset, we provide a detailed analysis of its instances, features, classes, and the nature of the features. The main objective of this paper is to offer overviews of the datasets are available for the NIDS and what each dataset is comprised of. Furthermore, some recommendations were made to use network-based datasets.

scholarly journals Fuzzy ECOC Framework for Network Intrusion Detection System

2019 ◽  
Vol 8 (3) ◽  
pp. 6826-6833
Keyword(s):  
Intrusion Detection ◽  
Data Sharing ◽  
Intrusion Detection System ◽  
Large Scale ◽  
Detection System ◽  
Network Intrusion Detection ◽  
Small Scale ◽  
Class Imbalance Problem ◽  
Network Intrusion ◽  
Network Intrusion Detection System

Many aspects of our life now continually rely on computers and internet. Data sharing among networks is a major challenge in several areas, including communication, national security, medicine, marketing, finance and even education. Many small scale and large scale industries are becoming vulnerable to a variety of cyber threats due to increase in the usage of computers over network. We propose Fuzzy-ECOC frame work for network intrusion detection system, which can efficiently thwart malicious attacks. The focus of the paper is to enforce cyber security threats, generalization rules for classifying potential attacks, preserving privacy among data sharing and multi-class imbalance problem in intrusion data. The Fuzzy-ECOC framework is validated on highly imbalanced benchmark NSL_KDD intrusion dataset as well as six other UCI datasets. The experimental results show that Fuzzy-ECOC achieved best detection rate and least false alarm rate.

Sign in / Sign up

Export Citation Format

Share Document