http://dx.doi.org/10.22937/IJCSNS.2021.21.7.19

Optimization of Cyber-Attack Detection Using the Deep Learning Network  

Duong, Lai Van (Information Assurance dept. FPT University)
Publication Information
International Journal of Computer Science & Network Security / v.21, no.7, 2021, pp. 159-168
Abstract
Detecting cyber-attacks using machine learning or deep learning is widely studied and applied in network intrusion detection systems. We noticed that applying deep learning algorithms has yielded many good results. However, each deep learning model has a different architecture and characteristics, with certain advantages and disadvantages, so these models are only suitable for specific datasets or features. In this paper, to optimize the process of detecting cyber-attacks, we propose building a new deep learning network model based on the association and combination of individual deep learning models. In particular, based on the architectures of two deep learning models, Convolutional Neural Network (CNN) and Long Short-Term Memory (LSTM), we combine them into a combined deep learning network for detecting cyber-attacks based on network traffic. The experimental results in Section IV.D demonstrate that our proposal of using the CNN-LSTM deep learning model for detecting cyber-attacks based on network traffic is completely correct, because the results of this model are much better than those of some individual deep learning models on all measures.
Keywords
cyber attack; combined deep learning; abnormal behaviors of cyber-attacks; detection attacks