Browse > Article
http://dx.doi.org/10.33851/JMIS.2019.6.4.165

An Intrusion Detection Model based on a Convolutional Neural Network  

Kim, Jiyeon (Center for Software Educational Innovation, Seoul Women's University)
Shin, Yulim (Dept. of Information Security, Seoul Women's University)
Choi, Eunjung (Dept. of Information Security, Seoul Women's University)
Publication Information
Journal of Multimedia Information System / v.6, no.4, 2019 , pp. 165-172 More about this Journal
Abstract
Machine-learning techniques have been actively employed to information security in recent years. Traditional rule-based security solutions are vulnerable to advanced attacks due to unpredictable behaviors and unknown vulnerabilities. By employing ML techniques, we are able to develop intrusion detection systems (IDS) based on anomaly detection instead of misuse detection. Moreover, threshold issues in anomaly detection can also be resolved through machine-learning. There are very few datasets for network intrusion detection compared to datasets for malicious code. KDD CUP 99 (KDD) is the most widely used dataset for the evaluation of IDS. Numerous studies on ML-based IDS have been using KDD or the upgraded versions of KDD. In this work, we develop an IDS model using CSE-CIC-IDS 2018, a dataset containing the most up-to-date common network attacks. We employ deep-learning techniques and develop a convolutional neural network (CNN) model for CSE-CIC-IDS 2018. We then evaluate its performance comparing with a recurrent neural network (RNN) model. Our experimental results show that the performance of our CNN model is higher than that of the RNN model when applied to CSE-CIC-IDS 2018 dataset. Furthermore, we suggest a way of improving the performance of our model.
Keywords
Intrusion detection; Deep learning; Convolutional neural network; Recurrent neural network;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Mulay, Snehal & Devale, P.R. & Garje, Goraksh, "Intrusion Detection System Using Support Vector Machine and Decision Tree," International Journal of Computer Applications vol. 3. 10.5120/758-993, 2010.
2 Beghad, Rachid, "Training all the KDD data set to classif and detect attacks," Neural Network World, vol. 17, pp. 81-91, 2017.
3 Jia, F. & Kong, L.-Z., "Intrusion Detection Algorithm Based on Convolutional Neural Network," Beijing Ligong Daxue Xuebao/Transaction of Beijing Institute of Technology, vol. 37, pp. 1271-1275, 2017.
4 Yuchen Liu, Shengli Liu and Xing Zhao, "Intrusion Detection Algorithm Based on Convolutional Neural Network", in Proceeding of the 4th International Conference on Engineering Technology and Application, 2017.
5 Jihyun Kim, Howon Kim, An Effective Intrusion Detection Classifier Using Long Short-Term Memory with Gradient Descent Optimization, Proceeding of the 2017 IEEE International Conference on Platform Technology and Service (PlatCon), pp. 1-6, 2017..
6 R. C. Staudemeyer and C. W. Omlin, "Evaluating performance of long short-term memory recurrent neural networks on intrusion detection data," In Proceedings of the South African Institute for Computer Scientists and Information Technologists Conference, pp. 218-224, 2013.
7 G. Kim, H. Yi, J. Lee, Y. Paek, and S. Yoon, "LSTM-Based System-Call Language Modeling and Robust Ensemble Method for Designing Host-Based Intrusion Detection Systems," arXiv preprint arXiv:1611.01726, 2016.
8 Intrusion Detection Evaluation Dataset (CICIDS2017), https://www.unb.ca/cic/datasets/ids-2017.html
9 Jiyeon Kim, Yulim Ahn, and Eunjung Choi, "Network Intrusion Detection using Machine Learning Techniques", in Proceeding of International Conference on Culture Technology 2019, August 2019.
10 Hasan, Md. Al & Nasser, Mohammed & Pal, Biprodip & Ahmad, Shamim, "Support Vector Machine and Random Forest Modeling for Intrusion Detection System (IDS)," Journal of Intelligent Learning Systems and Applications, vol. 06, pp. 45-52, 2014.
11 CSE-CIC-IDS2018 on AWS, https://www.unb.ca /cic/datasets/ids-2018.html
12 Sharafaldin I., Gharib A., Habibi Lashkari A., and Ghorbani A. A.. Towards a reliable intrusion detection benchmark dataset, Software Networking, vol. 2017, no. 1, pp. 177-200, 2017.   DOI
13 Faker, Osama & Dogdu, Erdogan, "Intrusion Detection Using Big Data and Deep Learning Techniques," in Proceedings of the 2019 ACM Southeast Conference, pp. 86-93. 2019.
14 Zhang Xueqin, Chen Jiahao, Zhou Yue, Han, Liangxiu, Lin Jiajun, "A Multiple-layer Representation Learning Model for Network-Based Attack Detection," IEEE Access. pp. 1-1. 10.1109/ACCESS.2019.2927465, 2019.
15 J. Kim, N. Shin, S. Y. Jo, and S. H. Kim, "Method of intrusion detection using deep neural network," in Proceeding of IEEE International Conference on Big Data and Smart Computing (BigComp), pp. 313-316, 2017.
16 Zhou Qianru, Pezaros Dimitrios, "Evaluation of Machine Learning Classifiers for Zero-Day Intrusion Detection -- An Analysis on CIC-AWS-2018 dataset," 2018.
17 Jackins, V., and D. Shalini Punithavathani. "An anomaly-based network intrusion detection system using ensemble clustering," International Journal of Enterprise Network Management, vol. 9.3-4, pp. 251-260, 2018.   DOI
18 Y. X. Meng, "The practice on using machine learning for network anomaly intrusion detection," in Proceeding of Machine Learning and Cybernetics (ICMLC), 2011 International Conference, vol. 2, pp. 576-581, IEEE, 2011.
19 J. J. Davis and A. J. Clark, "Data preprocessing for anomaly based network intrusion detection: A review," Computers & Security, vol. 30, no. 6, pp. 353-375, 2011.   DOI
20 K. Leung and C. Leckie, "Unsupervised anomaly detection in network intrusion detection using clusters," In Proceedings of the Twenty-eighth Australasian conference on Computer Science, vol. 38, pp. 333-342, 2005.
21 Chuanlong Yin, Yuefei Zhu, Jinlong Fei, and Xinzheng He, "A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks", IEEE Access, vol 5, pp. 21954-21961, 2017.   DOI
22 SZEGEDY, Christian, et al. Inception-v4, inception-resnet and the impact of residual connections on learning. In: Thirty-First AAAI Conference on Artificial Intelligence. 2017.
23 Intrusion detection evaluation dataset (ISCXIDS 2012), https://www.unb.ca/cic/datasets/ids.html
24 Tamim Mirza, Building an Intrusion Detection System using Deep Learning, https://towardsdatascience.com/building-an-intrusion-detection-system-using-deep-learning-b9488332b321, August 2018.
25 CICFlowMeter, https://www.unb.ca/cic/research/applications.html#CICFlowMeter
26 HE, Kaiming et al., "Deep residual learning for image recognition," in Proceedings of the IEEE conference on computer vision and pattern recognition, pp. 770-778, 2016.
27 GERS, Felix A.; SCHMIDHUBER, Jürgen; CUMMINS, Fred. Learning to forget: Continual prediction with LSTM. 1999.
28 VINAYAKUMAR, R., et al., "Deep Learning Approach for Intelligent Intrusion Detection System," IEEE Access, vol. 7: 41525-41550, 2019.   DOI