Abstract
Nowadays, with the great success of deep learning technology, using deep learning method to solve information security issues has become a study hot spot. Although some literal works have tried to solve intrusion detection problem via recurrent neural network, these methods do not give a detailed framework and specific data processing progress. We propose a novel semantic parsing based Long Short-Term Memory (LSTM) network framework in this paper. The proposed method uses the semantic representations of network data. The novel conversion process of various forms of network data to semantic description is given in detail. Experiments on NSL_KDD data sets show our proposed model outperforms most of the standard classifier. Results show that the semantic description has reserved information of the data and our semantic parsing based LSTM model provides a novel way to solve anomaly detection.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Canbay, Y., Sagiroglu, S.: A hybrid method for intrusion detection. In: 2015 IEEE 14th International Conference on Machine Learning and Applications (ICMLA), pp. 156–161. IEEE (2015)
Denning, D.E.: An intrusion-detection model. IEEE Trans. Softw. Eng. SE–13(2), 222–232 (1987)
Dhanabal, L., Shantharajah, S.: A study on NSL-KDD dataset for intrusion detection system based on classification algorithms. Int. J. Adv. Res. Comput. Commun. Eng. 4(6), 446–452 (2015)
Erfani, S.M., Rajasegarar, S., Karunasekera, S., Leckie, C.: High-dimensional and large-scale anomaly detection using a linear one-class SVM with deep learning. Pattern Recogn. 58, 121–134 (2016)
Fiore, U., Palmieri, F., Castiglione, A., De Santis, A.: Network anomaly detection with the restricted Boltzmann machine. Neurocomputing 122, 13–23 (2013)
Gao, H.H., Yang, H.H., Wang, X.Y.: Ant colony optimization based network intrusion feature selection and detection. In: Proceedings of 2005 International Conference on Machine Learning and Cybernetics, vol. 6, pp. 3871–3875. IEEE (2005)
Greff, K., Srivastava, R.K., Koutník, J., Steunebrink, B.R., Schmidhuber, J.: LSTM: a search space odyssey. IEEE Trans. Neural Netw. Learn. Syst. 28(10), 2222–2232 (2017)
Haq, N.F., Onik, A.R., Shah, F.M.: An ensemble framework of anomaly detection using hybridized feature selection approach (HFSA). In: 2015 SAI Intelligent Systems Conference (IntelliSys), pp. 989–995. IEEE (2015)
Kim, J., Kim, J., Thu, H.L.T., Kim, H.: Long short term memory recurrent neural network classifier for intrusion detection. In: 2016 International Conference on Platform Technology and Service (PlatCon), pp. 1–5. IEEE (2016)
LeCun, Y., Bengio, Y., Hinton, G.: Deep learning. Nature 521(7553), 436–444 (2015)
Li, Z., Qin, Z., Huang, K., Yang, X., Ye, S.: Intrusion detection using convolutional neural networks for representation learning. In: Liu, D., Xie, S., Li, Y., Zhao, D., El-Alfy, E.-S.M. (eds.) ICONIP 2017. LNCS, vol. 10638, pp. 858–866. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70139-4_87
Sahu, S., Mehtre, B.M.: Network intrusion detection system using J48 decision tree. In: 2015 International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp. 2023–2026. IEEE (2015)
Sheikhan, M., Jadidi, Z., Farrokhi, A.: Intrusion detection using reduced-size RNN based on feature grouping. Neural Comput. Appl. 21(6), 1185–1190 (2012)
Srinoy, S.: Intrusion detection model based on particle swarm optimization and support vector machine. In: IEEE Symposium on Computational Intelligence in Security and Defense Applications, CISDA 2007, pp. 186–192. IEEE (2007)
Staudemeyer, R.C., Omlin, C.W.: Evaluating performance of long short-term memory recurrent neural networks on intrusion detection data. In: Proceedings of the South African Institute for Computer Scientists and Information Technologists Conference, pp. 218–224. ACM (2013)
Syarif, I., Zaluska, E., Prugel-Bennett, A., Wills, G.: Application of bagging, boosting and stacking to intrusion detection. In: Perner, P. (ed.) MLDM 2012. LNCS (LNAI), vol. 7376, pp. 593–602. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31537-4_46
Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD cup 99 data set. In: IEEE Symposium on Computational Intelligence for Security and Defense Applications, CISDA 2009, pp. 1–6. IEEE (2009)
Teng, L., et al.: A collaborative and adaptive intrusion detection based on SVMs and decision trees. In: 2014 IEEE International Conference on Data Mining Workshop (ICDMW), pp. 898–905. IEEE (2014)
Wang, W., Zhu, M., Zeng, X., Ye, X., Sheng, Y.: Malware traffic classification using convolutional neural network for representation learning. In: 2017 International Conference on Information Networking (ICOIN), pp. 712–717. IEEE (2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Li, Z., Qin, Z. (2018). A Semantic Parsing Based LSTM Model for Intrusion Detection. In: Cheng, L., Leung, A., Ozawa, S. (eds) Neural Information Processing. ICONIP 2018. Lecture Notes in Computer Science(), vol 11304. Springer, Cham. https://doi.org/10.1007/978-3-030-04212-7_53
Download citation
DOI: https://doi.org/10.1007/978-3-030-04212-7_53
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-04211-0
Online ISBN: 978-3-030-04212-7
eBook Packages: Computer ScienceComputer Science (R0)