DOI QR코드

DOI QR Code

Network Anomaly Traffic Detection Using WGAN-CNN-BiLSTM in Big Data Cloud-Edge Collaborative Computing Environment

  • Yue Wang (School of computer and software, Nanyang Institute of Technology)
  • Received : 2023.03.13
  • Accepted : 2023.06.25
  • Published : 2024.06.30

Abstract

Edge computing architecture has effectively alleviated the computing pressure on cloud platforms, reduced network bandwidth consumption, and improved the quality of service for user experience; however, it has also introduced new security issues. Existing anomaly detection methods in big data scenarios with cloud-edge computing collaboration face several challenges, such as sample imbalance, difficulty in dealing with complex network traffic attacks, and difficulty in effectively training large-scale data or overly complex deep-learning network models. A lightweight deep-learning model was proposed to address these challenges. First, normalization on the user side was used to preprocess the traffic data. On the edge side, a trained Wasserstein generative adversarial network (WGAN) was used to supplement the data samples, which effectively alleviates the imbalance issue of a few types of samples while occupying a small amount of edge-computing resources. Finally, a trained lightweight deep learning network model is deployed on the edge side, and the preprocessed and expanded local data are used to fine-tune the trained model. This ensures that the data of each edge node are more consistent with the local characteristics, effectively improving the system's detection ability. In the designed lightweight deep learning network model, two sets of convolutional pooling layers of convolutional neural networks (CNN) were used to extract spatial features. The bidirectional long short-term memory network (BiLSTM) was used to collect time sequence features, and the weight of traffic features was adjusted through the attention mechanism, improving the model's ability to identify abnormal traffic features. The proposed model was experimentally demonstrated using the NSL-KDD, UNSW-NB15, and CIC-ISD2018 datasets. The accuracies of the proposed model on the three datasets were as high as 0.974, 0.925, and 0.953, respectively, showing superior accuracy to other comparative models. The proposed lightweight deep learning network model has good application prospects for anomaly traffic detection in cloud-edge collaborative computing architectures.

Keywords

References

  1. C. Wang, X. Yu, L. Xu, Z. Wang, and W. Wang, "Multimodal semantic communication accelerated bidirectional caching for 6G MEC," Future Generation Computer Systems, vol. 140, pp. 225-237, 2023. https://doi.org/10.1016/j.future.2022.10.036 
  2. L. Li, Q. Cheng, X. Tang, T. Bai, W. Chen, Z. Ding, and Z. Han, "Resource allocation for NOMA-MEC systems in ultra-dense networks: a learning aided mean-field game approach," IEEE Transactions on Wireless Communications, vol. 20, no. 3, pp. 1487-1500, 2021. https://doi.org/10.1109/TWC.2020.3033843 
  3. A. S. Almogren, "Intrusion detection in Edge-of-Things computing," Journal of Parallel and Distributed Computing, vol. 137, pp. 259-265, 2020. https://doi.org/10.1016/j.jpdc.2019.12.008 
  4. X. Zhao, G. Huang, J. Jiang, L. Gao, and M. Li, "Research on lightweight anomaly detection of multimedia traffic in edge computing," Computers & Security, vol. 111, article no. 102463, 2021. https://doi.org/10.1016/j.cose.2021.102463 
  5. M. Arjovsky, S. Chintala, and L. Bottou, "Wasserstein GAN," 2017 [Online]. Available: https://arxiv.org/abs/1701.07875. 
  6. B. Riyaz and S. Ganapathy, "A deep learning approach for effective intrusion detection in wireless networks using CNN," Soft Computing, vol. 24, pp. 17265-17278, 2020. https://doi.org/10.1007/s00500-020-05017-0 
  7. K. Jiang, W. Wang, A. Wang, and H. Wu, "Network intrusion detection combined hybrid sampling with deep hierarchical network," IEEE Access, vol. 8, pp. 32464-32476, 2020. https://doi.org/10.1109/ACCESS.2020.2973730 
  8. I. Idrissi, M. Boukabous, M. Azizi, O. Moussaoui, and H. El Fadili, "Toward a deep learning-based intrusion detection system for IoT against botnet attacks," IAES International Journal of Artificial Intelligence, vol. 10, no. 1, pp. 110-120, 2021. https://doi.org/10.11591/ijai.v10.i1.pp110-120 
  9. A. D. Smith, "Event detection in educational records: an application of big data approaches," International Journal of Business and Systems Research, vol. 15, no. 3, pp. 271-291, 2021. https://doi.org/10.1504/IJBSR.2021.114936 
  10. A. Amouri, V. T. Alaparthy, and S. D. Morgera, "A machine learning based intrusion detection system for mobile Internet of Things," Sensors, vol. 20, no. 2, article no. 461, 2020. https://doi.org/10.3390/s20020461 
  11. R. Kumar, P. Kumar, R. Tripathi, G. P. Gupta, S. Garg, and M. M. Hassan, "A distributed intrusion detection system to detect DDoS attacks in blockchain-enabled IoT network," Journal of Parallel and Distributed Computing, vol. 164, pp. 55-68, 2022. https://doi.org/10.1016/j.jpdc.2022.01.030 
  12. X. Jiang, H. Zhang, J. Xu, W. Wu, and X. Xie, "Abnormal network data mining model based on deep training learning," International Journal of Internet Protocol Technology, vol. 13, no. 4, pp. 228-236, 2020. https://doi.org/10.1504/IJIPT.2020.110314 
  13. A. Al and M. Dener, "STL-HDL: a new hybrid network intrusion detection system for imbalanced dataset on big data environment," Computers & Security, vol. 110, article no. 102435, 2021. https://doi.org/10.1016/j.cose.2021.102435
  14. D. Tang, J. Chen, X. Wang, S. Zhang, and Y. Yan, "A new detection method for LDoS attacks based on data mining," Future Generation Computer Systems, vol. 128, pp. 73-87, 2022. https://doi.org/10.1016/j.future.2021.09.039 
  15. J. Fei, Q. Yao, M. Chen, X. Wang, and J. Fan, "The abnormal detection for network traffic of power IoT based on device portrait," Scientific Programming, vol. 2020, article no. 8872482, 2020. https://doi.org/10.1155/2020/8872482 
  16. S. J. Lee, P. D. Yoo, A. T. Asyhari, Y. Jhi, L. Chermak, C. Y. Yeun, and K. Taha, "IMPACT: impersonation attack detection via edge computing using deep autoencoder and feature abstraction," IEEE Access, vol. 8, pp. 65520-65529, 2020.  https://doi.org/10.1109/ACCESS.2020.2985089
  17. M. Eskandari, Z. H. Janjua, M. Vecchio, and F. Antonelli, "Passban IDS: an intelligent anomaly-based intrusion detection system for IoT edge devices," IEEE Internet of Things Journal, vol. 7, no. 8, pp. 6882- 6897, 2020. https://doi.org/10.1109/JIOT.2020.2970501 
  18. X. An, X. Zhou, X. Lu, F. Lin, and L. Yang, "Sample selected extreme learning machine based intrusion detection in fog computing and MEC," Wireless Communications and Mobile Computing, vol. 2018, article no. 7472095, 2018. https://doi.org/10.1155/2018/7472095 
  19. L. F. Maimo, A. L. P. Gomez, F. J. G. Clemente, M. G. Perez, and G. M. Perez, "A self-adaptive deep learning-based system for anomaly detection in 5G networks," IEEE Access, vol. 6, pp. 7700-7712, 2018. https://doi.org/10.1109/ACCESS.2018.2803446 
  20. B. Hussain, Q. Du, S. Zhang, A. Imran, and M. A. Imran, "Mobile edge computing-based data-driven deep learning framework for anomaly detection," IEEE Access, vol. 7, pp. 137656-137667, 2019. https://doi.org/10.1109/ACCESS.2019.2942485 
  21. B. Hussain, Q. Du, A. Imran, and M. A. Imran, "Artificial intelligence-powered mobile edge computing-based anomaly detection in cellular networks," IEEE Transactions on Industrial Informatics, vol. 16, no. 8, pp. 4986-4996, 2020. https://doi.org/10.1109/TII.2019.2953201 
  22. C. A. De Souza, C. B. Westphall, and R. B. Machado, "Two-step ensemble approach for intrusion detection and identification in IoT and fog computing environments," Computers & Electrical Engineering, vol. 98, article no. 107694, 2022. https://doi.org/10.1016/j.compeleceng.2022.107694 
  23. H. Bangui and B. Buhnova, "Lightweight intrusion detection for edge computing networks using deep forest and bio-inspired algorithms," Computers and Electrical Engineering, vol. 100, article no. 107901, 2022. https://doi.org/10.1016/j.compeleceng.2022.107901 
  24. W. Zhong, N. Yu, and C. Ai, "Applying big data based deep learning system to intrusion detection," Big Data Mining and Analytics, vol. 3, no. 3, pp. 181-195, 2020. https://doi.org/10.26599/BDMA.2020.9020003 
  25. S. Garg, R. Singh, M. S. Obaidat, V. K. Bhalla, and B. Sharma, "Statistical vertical reduction-based data abridging technique for big network traffic dataset," International Journal of Communication Systems, vol. 33, no. 4, article no. e4249, 2020. https://doi.org/10.1002/dac.4249 
  26. A. Abid and F. Jemili, "Intrusion detection based on graph oriented big data analytics," Procedia Computer Science, vol. 176, pp. 572-581, 2020. https://doi.org/10.1016/j.procs.2020.08.059 
  27. F. Jin, M. Chen, W. Zhang, Y. Yuan, and S. Wang, "Intrusion detection on internet of vehicles via combining log-ratio oversampling, outlier detection and metric learning," Information Sciences, vol. 579, pp. 814-831, 2021. https://doi.org/10.1016/j.ins.2021.08.010 
  28. L. Gong, X. Zhang, T. Chen, and L. Zhang, "Recognition of disease genetic information from unstructured text data based on bilstm-crf for molecular mechanisms," Security and Communication Networks, vol. 2021, article no. 6635027, 2021. https://doi.org/10.1155/2021/6635027 
  29. M. A. Bou-Rabee, M. Y. Naz, I. E. Albalaa, and S. A. Sulaiman, "BiLSTM network-based approach for solar irradiance forecasting in continental climate zones," Energies, vol. 15, no. 6, article no. 2226, 2022. https://doi.org/10.3390/en15062226
  30. Y. Zhan, S. Sun, X. Li, and F. Wang, "Combined remaining life prediction of multiple bearings based on EEMD-BILSTM," Symmetry, vol. 14, no. 2, article no. 251, 2022. https://doi.org/10.3390/sym14020251 
  31. Y. L. Miao, W. F. Cheng, Y. C. Ji, S. Zhang, and Y. L. Kong, "Aspect-based sentiment analysis in Chinese based on mobile reviews for BiLSTM-CRF," Journal of Intelligent & Fuzzy Systems, vol. 40, no. 5, pp. 8697-8707, 2021. https://doi.org/10.3233/JIFS-192078 
  32. K. Greff, R. K. Srivastava, J. Koutnik, B. R. Steunebrink, and J. Schmidhuber, "LSTM: a search space odyssey," 2017 [Online]. Available: https://arxiv.org/abs/1503.04069. 
  33. D. Ma, Y. Guo, and S. Ma, "Short-term subway passenger flow prediction based on GCN-BiLSTM," IOP Conference Series: Earth and Environmental Science, vol. 693, no. 1, article no. 012005, 2021. https://doi.org/10.1088/1755-1315/693/1/012005 
  34. S. Choudhary and N. Kesswani, "Analysis of KDD-Cup'99, NSL-KDD and UNSW-NB15 datasets using deep learning in IoT," Procedia Computer Science, vol. 167, pp. 1561-1573, 2020. https://doi.org/10.1016/j.procs.2020.03.367 
  35. V. Kanimozhi and T. Prem Jacob, "Artificial intelligence based network intrusion detection with hyperparameter optimization tuning on the realistic cyber dataset CSE-CIC-IDS2018 using cloud computing," ICT Express, vol. 5, no. 3, pp. 211-214, 2019. https://doi.org/10.1016/j.icte.2019.03.003