
WEDL-NIDS: Improving Network Intrusion Detection Using Word Embedding-Based Deep Learning Method

  • Conference paper
Modeling Decisions for Artificial Intelligence (MDAI 2018)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 11144)

Abstract

A Network Intrusion Detection System (NIDS) helps system administrators detect security breaches in their organization. Current research focuses on machine learning-based network intrusion detection methods. However, as numerous complicated attack types have appeared and evolved in recent years, obtaining high detection rates is increasingly difficult. Also, the performance of a NIDS is highly dependent on feature design, while a feature set that can accurately characterize network traffic is still designed manually, which usually costs a lot of time. In this paper, we propose an improved NIDS using word embedding-based deep learning (WEDL-NIDS), which is capable of dimension reduction and of learning features from data with sophisticated structure. The experimental results show that the proposed method outperforms previous methods in terms of accuracy and false alarm rate, which demonstrates its effectiveness in both dimension reduction and practical detection ability.



Acknowledgement

This research work is supported by the National Natural Science Foundation of China under grant number 61105050.

Corresponding author

Correspondence to Jun Long.

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Cite this paper

Cui, J., Long, J., Min, E., Mao, Y. (2018). WEDL-NIDS: Improving Network Intrusion Detection Using Word Embedding-Based Deep Learning Method. In: Torra, V., Narukawa, Y., Aguiló, I., González-Hidalgo, M. (eds) Modeling Decisions for Artificial Intelligence. MDAI 2018. Lecture Notes in Computer Science, vol 11144. Springer, Cham. https://doi.org/10.1007/978-3-030-00202-2_23

  • DOI: https://doi.org/10.1007/978-3-030-00202-2_23

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-00201-5

  • Online ISBN: 978-3-030-00202-2

  • eBook Packages: Computer Science (R0)
