Key Technologies of Anomaly Detection Using PCA-LSTM

  • Conference paper
Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS 2019)

Abstract

At present, concealed attacks such as exploits, generics, SQL injection and APT are becoming more and more serious, and shallow machine learning is no longer a good way to detect these hidden forms of attack. In this paper, an intrusion detection model based on principal component analysis (PCA) optimization for Long Short-Term Memory (LSTM) networks is designed. The main principle is to remove the noise information in the sample data through principal component analysis, and to utilize the memory function of LSTM networks and their powerful ability to learn from sequence data. The key issues of abnormal behavior detection combining principal component analysis with LSTM networks are studied in detail, including model structure, processing flow, hyperparameter analysis in LSTM, and data preprocessing.

Acknowledgements

This work is supported by the National Cryptography Development Fund of China under Grant No. MMJJ20170112, the National Natural Science Foundation of China (Grant Nos. 61772550, U1636114, 61572521), The Key National Key Research and Development Program of China under Grant No. 2017YFB0802000, and the Natural Science Basic Research Plan in Shaanxi Province of China (Grant No. 2018JM6028). This work is also supported by Innovation Team Research Fund No. KYTD201805 of the Engineering University of People’s Armed Police Force.

Author information

Corresponding author

Correspondence to Zhong-shi Gao.

Copyright information

© 2020 Springer Nature Switzerland AG

Cite this paper

Gao, Zs., Su, Y., Ding, Y., Liu, Yd., Wang, Xa., Shen, Jw. (2020). Key Technologies of Anomaly Detection Using PCA-LSTM. In: Barolli, L., Xhafa, F., Hussain, O. (eds) Innovative Mobile and Internet Services in Ubiquitous Computing. IMIS 2019. Advances in Intelligent Systems and Computing, vol 994. Springer, Cham. https://doi.org/10.1007/978-3-030-22263-5_24
