Abstract
A Network Intrusion Detection System (NIDS) helps system administrators to detect security breaches in their organization. Current research focus on machine learning based network intrusion detection method. However, as numerous complicated attack types have growingly appeared and evolved in recent years, obtaining high detection rates is increasingly difficult. Also, the performance of a NIDS is highly dependent on feature design, while a feature set that can accurately characterize network traffic is still manually designed and usually costs lots of time. In this paper, we propose an improved NIDS using word embedding-based deep learning (WEDL-NIDS), which has the ability of dimension reduction and learning features from data with sophisticated structure. The experimental results show that the proposed method outperforms previous methods in terms of accuracy and false alarm rate, which successfully demonstrates its effectiveness in both dimension reduction and practical detection ability.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Wang, W., Zhu, M., Zeng, X., et al.: Malware traffic classification using convolutional neural network for representation learning. In: International Conference on Information Networking, pp. 712–717. IEEE (2017)
Wang, W., Sheng, Y., Wang, J., et al.: HAST-IDS: learning hierarchical spatial-temporal features using deep neural networks to improve intrusion detection. IEEE Access 6, 1792–1806 (2017)
Mikolov, T., Yih, W.T., Zweig, G.: Linguistic regularities in continuous space word representations. In: HLT-NAACL (2013)
Krizhevsky, A., Sutskever, I., Hinton, G.E.: ImageNet classification with deep convolutional neural networks. In: International Conference on Neural Information Processing Systems, pp. 1097–1105. Curran Associates Inc. (2012)
Hochreiter, S., Schmidhuber, J.: Long short-term memory. Neural Comput. 9(8), 1735–1780 (1997)
Tang, T.A., Mhamdi, L., McLernon, D., et al.: Deep learning approach for network intrusion detection in software defined networking. In: 2016 International Conference on Wireless Networks and Mobile Communications (WINCOM), pp. 258–263. IEEE (2016)
Salama, M.A., Eid, H.F., Ramadan, R.A., Darwish, A., Hassanien, A.E.: Hybrid intelligent intrusion detection scheme. In: Gaspar-Cunha, A., Takahashi, R., Schaefer, G., Costa, L. (eds.) Soft Computing in Industrial Applications. AINSC, vol. 96, pp. 293–303. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20505-7_26
Fiore, U., Palmieri, F., Castiglione, A., et al.: Network anomaly detection with the restricted Boltzmann machine. Neurocomputing 122, 13–23 (2013)
Wang, Z.: The applications of deep learning on traffic identification. BlackHat USA (2015)
Javaid, A., Niyaz, Q., Sun, W., et al.: A deep learning approach for network intrusion detection system. In: Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies (formerly BIONETICS). ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering), pp. 21–26 (2016)
Yu, Y., Long, J., Cai, Z.: Session-based network intrusion detection using a deep learning architecture. In: Torra, V., Narukawa, Y., Honda, A., Inoue, S. (eds.) MDAI 2017. LNCS (LNAI), vol. 10571, pp. 144–155. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-67422-3_13
Yu, Y., Long, J., Cai, Z.: Network intrusion detection through stacking dilated convolutional autoencoders. Secur. Commun. Netw. 2017, 1–10 (2017)
Yin, C., Zhu, Y., Fei, J., et al.: A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access 5, 21954–21961 (2017)
Mikolov, T., Le, Q.V., Sutskever, I.: Exploiting similarities among languages for machine translation. arXiv preprint arXiv:1309.4168 (2013)
Goldberg, Y., Levy, O.: word2vec Explained: deriving Mikolov et al.’s negative-sampling word-embedding method. arXiv preprint arXiv:1402.3722 (2014)
Pennington, J., Socher, R., Manning, C.: GloVe: global vectors for word representation. In: Proceedings of the 2014 Conference on Empirical Methods in Natural Language Processing (EMNLP), pp. 1532–1543 (2014)
Gu, J., Wang, Z., Kuen, J., et al.: Recent advances in convolutional neural networks. arXiv preprint arXiv:1512.07108 (2015)
Sutskever, I., Vinyals, O., Le, Q.V.: Sequence to sequence learning with neural networks. In: Advances in Neural Information Processing Systems, pp. 3104–3112 (2014)
Tavallaee, M., Bagheri, E., Lu, W., et al.: A detailed analysis of the KDD CUP 99 data set. In: IEEE Symposium on Computational Intelligence for Security and Defense Applications, 2009, CISDA 2009, pp. 1–6. IEEE (2009)
Song, J., Takakura, H., Okabe, Y.: Description of Kyoto University benchmark data. http://www.takakura.com/Kyoto_data/BenchmarkData-Description-v5.pdf
Lippmann, R., Cunningham, R.K., Fried, D.J., et al.: Results of the DARPA 1998 offline intrusion detection evaluation. In: Recent Advances in Intrusion Detection, vol. 99, pp. 829–835 (1999)
Mchugh, J.: Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory. ACM Trans. Inf. Syst. Secur. 3(4), 262–294 (2000)
Shiravi, A., Shiravi, H., Tavallaee, M., et al.: Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput. Secur. 31(3), 357–374 (2012)
Akyol, A., Hacibeyoglu, M., Karlik, B.: Design of multilevel hybrid classifier with variant feature sets for intrusion detection system. IEICE Trans. Inf. Syst. E99.D(7), 1810–1821 (2016)
Sallay, H., Ammar, A., Saad, M.B., et al.: A real time adaptive intrusion detection alert classifier for high speed networks. In: IEEE International Symposium on Network Computing and Applications, pp. 73–80. IEEE (2013)
Yassin, W., Udzir, N.I., Muda, Z., et al.: Anomaly-based intrusion detection through K-Means clustering and Naives Bayes classification (2013)
Tan, Z., Jamdagni, A., He, X., et al.: Detection of denial-of-service attacks based on computer vision techniques. IEEE Trans. Comput. 64(9), 2519–2533 (2015)
Yuan, X., Li, C., Li, X.: DeepDefense: identifying DDoS attack via deep learning. In: IEEE International Conference on Smart Computing, pp. 1–8. IEEE (2017)
Acknowledgement
This research work is supported by National Natural Science Foundation of China under grant number 61105050.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Cui, J., Long, J., Min, E., Mao, Y. (2018). WEDL-NIDS: Improving Network Intrusion Detection Using Word Embedding-Based Deep Learning Method. In: Torra, V., Narukawa, Y., Aguiló, I., González-Hidalgo, M. (eds) Modeling Decisions for Artificial Intelligence. MDAI 2018. Lecture Notes in Computer Science(), vol 11144. Springer, Cham. https://doi.org/10.1007/978-3-030-00202-2_23
Download citation
DOI: https://doi.org/10.1007/978-3-030-00202-2_23
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00201-5
Online ISBN: 978-3-030-00202-2
eBook Packages: Computer ScienceComputer Science (R0)