Anomaly-based Network Intrusion Detection System using Deep Intelligent Technique

Authors

DOI:

https://doi.org/10.25156/ptj.v12n2y2022.pp100-113

Keywords:

Intrusion Detection System, Anomaly detection, Intelligent Technique, Cyber-Attack, Deep Learning, Machine Learning

Abstract

Background and objectives: Computer systems and network infrastructures are still exposed to many security risks and cyber-attack vulnerabilities despite advances in information security. Traditional signature-based intrusion detection systems and security solutions, which rely on rule matching and prior knowledge, are insufficient to fully protect computer networks against novel attacks. For this purpose, an Anomaly-based Network Intrusion Detection System (A-NIDS) is considered as a cyber-security tool for identifying and detecting anomalous behavior in flow-based network traffic, alongside firewalls and other security measures. The main objective of the research is to improve the detection rate and reduce the false-positive rate of the classifier using an anomaly-based technique.

Methods: An intelligent technique using a deep learning algorithm and the mutual information feature selection (MIFS) method to select optimal features on the benchmark datasets. By combining the Long Short-Term Memory (LSTM) algorithm with the MIFS method, the proposed method is capable of accurately classifying normal and anomalous states of the data packets in a comprehensive way.

Results: The model achieved encouraging results: 99.79% accuracy and a 0.002 false-positive rate, in the minimum time compared to other models, recorded at only 81.75 s on the CSE-CIC-IDS2018 dataset. At the end of the study, comparative studies are conducted to verify the effectiveness of the proposed method on three realistic and recent intrusion detection datasets: CSE-CIC-IDS2018, CIC-IDS2017, and NF-CSE-CIC-IDS2018.

Conclusions: The proposed model, a combination of an LSTM neural network and the MIFS feature selection method, increased the detection rate and reduced false-positive alarms. The model is also able to detect low-frequency attacks, which other existing models struggle with.
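
The feature-selection stage named in the Methods paragraph can be sketched as follows. This is an added example, not the authors' code: it assumes the greedy MIFS criterion (relevance to the label minus beta times redundancy with already-selected features), and the feature names, binned values and labels are constructed. The LSTM classifier is not shown.

```python
import math
from collections import Counter


def mutual_info(xs, ys):
    """Mutual information I(X;Y) in bits between two discrete sequences."""
    n = len(xs)
    px, py, pxy = Counter(xs), Counter(ys), Counter(zip(xs, ys))
    return sum((c / n) * math.log2(c * n / (px[x] * py[y]))
               for (x, y), c in pxy.items())


def mifs(features, labels, k, beta=1.0):
    """Greedy MIFS: repeatedly pick the feature f that maximises
    I(f; label) - beta * sum(I(f; s) for every already-selected s)."""
    selected, remaining = [], dict(features)
    while remaining and len(selected) < k:
        def score(name):
            redundancy = sum(mutual_info(remaining[name], features[s])
                             for s in selected)
            return mutual_info(remaining[name], labels) - beta * redundancy
        best = max(remaining, key=score)
        selected.append(best)
        del remaining[best]
    return selected


# Constructed sample: 8 flows, each feature already binned to 0/1.
# Label 0 = normal, 1 = anomalous. Feature names are hypothetical.
LABELS = [0, 0, 0, 0, 1, 1, 1, 1]
FLOWS = {
    "pkts_per_s":  [0, 0, 0, 0, 1, 1, 1, 0],  # most relevant
    "bytes_per_s": [0, 0, 0, 0, 1, 1, 0, 0],  # relevant but tracks pkts_per_s
    "syn_count":   [0, 0, 1, 0, 1, 1, 0, 1],  # weaker, mostly independent
    "port_parity": [0, 1, 0, 1, 0, 1, 0, 1],  # carries no label information
}

if __name__ == "__main__":
    # beta=0 ranks by relevance alone and keeps the redundant feature.
    print("beta=0:", mifs(FLOWS, LABELS, k=2, beta=0.0))
    # beta=1 penalises redundancy and prefers the independent feature.
    print("beta=1:", mifs(FLOWS, LABELS, k=2, beta=1.0))
```

With beta set to 0 the selection degenerates to a plain relevance ranking, so comparing the two runs shows what the redundancy term contributes before the reduced feature set reaches a classifier.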

Published

2023-04-16

How to Cite

Hassan, S. K., & Daneshwar, M. A. (2023). Anomaly-based Network Intrusion Detection System using Deep Intelligent Technique. Polytechnic Journal, 12(2), 100-113. https://doi.org/10.25156/ptj.v12n2y2022.pp100-113

Issue

Section

Research Articles