Optimization of Cyber-Attack Detection Using the Deep Learning Network

  • Received : 2021.07.05
  • Published : 2021.07.30

Abstract

Detecting cyber-attacks with machine learning or deep learning is widely studied and applied in network intrusion detection systems. We noticed that applying deep learning algorithms has yielded many good results. However, each deep learning model has a different architecture and characteristics, with certain advantages and disadvantages, so each model is only suitable for specific datasets or features. In this paper, to optimize the process of detecting cyber-attacks, we propose building a new deep learning network model based on the association and combination of individual deep learning models. In particular, based on the architecture of two deep learning models, Convolutional Neural Network (CNN) and Long Short-Term Memory (LSTM), we combine them into a combined deep learning network for detecting cyber-attacks based on network traffic. The experimental results in Section IV.D demonstrate that our proposal of using the CNN-LSTM deep learning model for detecting cyber-attacks based on network traffic is completely correct, because the results of this model are much better than those of some individual deep learning models on all measures.
