Abstract
Network traffic classification, which generally adopts traditional machine learning methods, is one of the most important methods in intrusion detection. However, how to design a feature set that accurately characterizes network traffic is still a problem. This paper proposes an intrusion detection method based on hierarchical feature learning, which first learns the byte-level features of network traffic through deep convolutional neural networks and then learns session-level features using Stacked Denoising Autoencoder. Experiments show that this method can obtain very important characteristics in network traffic, whose precision and false alarm rate are optimized by 0.41% compared to the CNN-only approach, so as to effectively improve the precision of network traffic classification and reduce the false alarm rate. The method can meet the requirements of network intrusion detection.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Yu, Y., Long, J., Liu, F., Cai, Z.: Machine learning combining with visualization for intrusion detection: a survey. In: Torra, V., Narukawa, Y., Navarro-Arribas, G., Yañez, C. (eds.) MDAI 2016. LNCS (LNAI), vol. 9880, pp. 239–249. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45656-0_20
Sommer, R., Paxson, V.: Outside the closed world: on using machine learning for network intrusion detection. In: 2010 IEEE Symposium on Security and Privacy, Berkeley/Oakland, CA, USA, pp. 305–316. IEEE Press (2010)
Jiang, N., Li, B., Wan, T., Liu, L.: C-POEM: comprehensive performance optimization evaluation model for wireless sensor networks. Soft. Comput. 21(12), 3377–3385 (2017)
Jiang, N., Xiao, X., Liu, L.: Localization scheme for wireless sensor networks based on “shortcut” constraint. Ad Hoc Sens. Wirel. Netw. 26(1–4), 1–19 (2015)
Chen, J., Qi, Y.: Intrusion detection method based on deep learning. J. Jiangsu Univ. Sci. Technol. (Natural Science Edition) 31(06), 795–800 (2017)
Seo, S., Park, S., Kim, J.: Improvement of network intrusion detection accuracy by using restricted Boltzmann machine. In: 2016 8th International Conference on Computational Intelligence and Communication Networks, Tehri, India, pp. 413–417. IEEE Press (2016)
Yang, X., Gao, L., Wang, H., et al.: A cooperative deep belief network for intrusion detection. In: 2018 Sixth International Conference on Advanced Cloud and Big Data, Lanzhou, China, pp. 230–236. IEEE Press (2018)
Naseer, S., Saleem, Y., Khalid, S., et al.: Enhanced network anomaly detection based on deep neural networks. IEEE Access 6(99), 48231–48246 (2018)
Javaid, A., Niyaz, Q., Sun, W., et al.: A deep learning approach for network intrusion detection system. In: Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies, New York City, United States, pp. 21–26. Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering (2016)
Tavallaee, M., Bagheri, E., Lu, W., et al.: A detailed analysis of the KDD CUP 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, Ottawa, ON, Canada, pp. 1–6. IEEE Press (2009)
Verma, A., Ranga, V.: Statistical analysis of CIDDS-001 dataset for network intrusion detection systems using distance-based machine learning. Procedia Comput. Sci. 125, 709–716 (2018)
Yuan, Z., Lu, Y., Xue, Y.: Droiddetector: android malware characterization and detection using deep learning. Tsinghua Sci. Technol. 21(1), 114–123 (2016)
Yin, C., Zhu, Y., Fei, J., et al.: A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access 5, 21954–21961 (2017)
Li, P., Chen, Z., et al.: An improved stacked auto-encoder for network traffic flow classification. IEEE Netw. 32, 22–27 (2018)
Yao, Y., Wei, Y., Gao, F., et al.: Anomaly intrusion detection approach using hybrid MLP/CNN neural network. In: 6th International Conference on Intelligent Systems Design and Applications, Jinan, China, pp. 1095–1102. IEEE Press (2006)
Erfani, S., Rajasegarar, S., Karunasekera, S., et al.: High-dimensional and large-scale anomaly detection using a linear one-class SVM with deep learning. Pattern Recogn. 58, 121–134 (2016)
Eesa, A., Orman, Z., Brifcani, A.: A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems. Expert Syst. Appl. 42(5), 2670–2679 (2015)
Wang, W., Sheng, Y., Wang, J., et al.: HAST-IDS: learning hierarchical spatial-temporal features using deep neural networks to improve intrusion detection. IEEE Access 6, 1792–1806 (2018)
Yu, Y., Long, J., Cai, Z.: Session-based network intrusion detection using a deep learning architecture. In: Torra, V., Narukawa, Y., Honda, A., Inoue, S. (eds.) MDAI 2017. LNCS (LNAI), vol. 10571, pp. 144–155. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-67422-3_13
Rodriguez, J., Perez, A., Lozano, J.: Sensitivity analysis of k-fold cross validation in prediction error estimation. IEEE Trans. Pattern Anal. Mach. Intell. 32(3), 569–575 (2010)
Nair, V., Hinton, G.E.: Stacked denoising autoencoders: rectified linear units improve restricted Boltzmann machines. In: Proceedings of the 27th International Conference on International Conference on Machine Learning, Haifa, Israel, pp. 807–814. Omnipress (2010)
The CTU-13 Dataset: A Labeled Dataset with Botnet, Normal and Background traffic. https://www.stratosphereips.org/datasets-ctu13
Ali, S., Hadi, S., Mahbod, T., et al.: Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput. Secur. 31(3), 357–374 (2012)
Acknowledgements
This work is supported by the National Natural Science Foundation of China, under Grant No. 61762037.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Xie, X., Jiang, X., Wang, W., Wang, B., Wan, T., Yang, H. (2019). An Intrusion Detection Method Based on Hierarchical Feature Learning and Its Application. In: Vaidya, J., Zhang, X., Li, J. (eds) Cyberspace Safety and Security. CSS 2019. Lecture Notes in Computer Science(), vol 11982. Springer, Cham. https://doi.org/10.1007/978-3-030-37337-5_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-37337-5_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-37336-8
Online ISBN: 978-3-030-37337-5
eBook Packages: Computer ScienceComputer Science (R0)