Abstract
In recent years, with the continuous popularization of the cyber-attacking technology, the network intrusion events tend to be frequent and concealed. The accuracy of the traditional rule-based intrusion detection system is affected. And the false alarm rate of machine learning-based intrusion detection system is high due to the lack of causal link analysis among sampled data and attack events. Aiming at the problem, this paper proposes an intelligent intrusion detection algorithm, named SRMPC, which based on semantic re-encoding and multi-space projection. The key idea of the SRMPC algorithm is that the semantics of the network traffic is differentiated, and the normal network traffic and the attack network traffic often have obvious differences in the narrative semantics. The SRMPC algorithm re-encodes the semantics of the network traffic, and uses the multi-space projection technology to make the re-encoded semantic space boundaries clearing, thus, effectively improving the detection accuracy and robustness of the algorithm. The SRMPC algorithm can get > 99% accuracy of general Web attack detection, and when identifying NSL-KDD data sets with CNN, an average performance improvement of 8% is achieved.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Folino, G., Sabatino, P.: Ensemble based collaborative and distributed intrusion detection systems: a survey. J. Netw. Comput. Appl. 66, 1–16 (2016)
Moustafa, N., Hu, J., Slay, J.: A holistic review of network anomaly detection systems: a comprehensive survey. J. Netw. Comput. Appl. 128, 33–55 (2019)
Bhuyan, M.H., Bhattacharyya, D.K., Kalita, J.K.: Network anomaly detection: methods, systems and tools. IEEE Commun. Surv. Tutor. 16, 303–336 (2013)
Prabhu Kavin, B.: Data mining techniques for providing network security through intrusion detection systems: a survey. Int. J. Adv. Comput. Electron. Eng. 2(10), 1–6 (2017)
Aburomman, A.A., Reaz, M.B.I.: A survey of intrusion detection systems based on ensemble and hybrid classifiers. Comput. Secur. 65, 135–152 (2017)
Colom, J.F., Gil, D., Mora, H., Volckaert, B., Jimeno, A.M.: Scheduling framework for distributed intrusion detection systems over heterogeneous network architectures. J. Netw. Comput. Appl. 108, 76–86 (2018)
Ji, S.-Y., Jeong, B.-K., Choi, S., Jeong, D.H.: A multi-level intrusion detection method for abnormal network behaviors. J. Netw. Comput. Appl. 62, 9–17 (2016)
Li, L., Yu, Y., Bai, S., Hou, Y., Chen, X.: An effective two-step intrusion detection approach based on binary classification and k-NN. IEEE Access 6, 12060–12073 (2018)
Kabir, E., Hu, J., Wang, H., Zhuo, G.: A novel statistical technique for intrusion detection systems. Futur. Gener. Comput. Syst. 79, Part 1, 303–318 (2018)
Blanco, R., Malagon, P., Cilla, J.J., Moya, J.M.: Multiclass network attack classifier using CNN tuned with genetic algorithms. In: 2018 28th International Symposium on Power and Timing Modeling, Optimization and Simulation (PATMOS), pp. 177–182. IEEE, Platja d’Aro (2018)
Hsu, C.-M., Hsieh, H.-Y., Prakosa, S.W., Azhari, M.Z., Leu, J.-S.: Using long-short-term memory based convolutional neural networks for network intrusion detection. In: Chen, J.-L., Pang, A.-C., Deng, D.-J., Lin, C.-C. (eds.) WICON 2018. LNICST, vol. 264, pp. 86–94. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-06158-6_9
Diro, A.A., Chilamkurti, N.: Distributed attack detection scheme using deep learning approach for Internet of Things. Futur. Gener. Comput. Syst. 82, 761–768 (2018)
Naseer, S., et al.: Enhanced network anomaly detection based on deep neural networks. IEEE Access 6, 48231–48246 (2018)
Wu, K., Chen, Z., Li, W.: A novel intrusion detection model for a massive network using convolutional neural networks. IEEE Access 6, 50850–50859 (2018)
Yin, C., Zhu, Y., Fei, J., He, X.: A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access 5, 21954–21961 (2017)
Mohammadpour, L., Ling, T.C., Liew, C.S., Chong, C.Y.A.: Convolutional neural network for network intrusion detection system. Proc. Asia-Pacific Adv. Netw. 46, 50–55 (2018)
Al-Qatf, M., Lasheng, Y., Al-Habib, M., Al-Sabahi, K.: Deep learning approach combining sparse auto encoder with SVM for network intrusion detection. IEEE Access 6, 52843–52856 (2018)
Ingre, B., Yadav, A.: Performance analysis of NSL-KDD dataset using ANN. In: 2015 International Conference on Signal Processing and Communication Engineering Systems (SPACES), pp. 92–96. IEEE, Guntur (2015)
He, K., Zhang, X., Ren, S., Sun, J.: Deep residual learning for image recognition. In: 2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR), pp. 770–778. IEEE, Las Vegas (2016)
Acknowledgement
This research is supported by National Natural Science Foundation of China (No. 61772162), National Key R&D Program of China (No. 2018YFB0804102), Zhejiang Key R&D Program of China (No. 2018C01088).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Wang, J., Wu, Z., Zhang, Z. (2019). Research on Intrusion Detection Based on Semantic Re-encoding and Multi-space Projection. In: Vaidya, J., Zhang, X., Li, J. (eds) Cyberspace Safety and Security. CSS 2019. Lecture Notes in Computer Science(), vol 11983. Springer, Cham. https://doi.org/10.1007/978-3-030-37352-8_12
Download citation
DOI: https://doi.org/10.1007/978-3-030-37352-8_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-37351-1
Online ISBN: 978-3-030-37352-8
eBook Packages: Computer ScienceComputer Science (R0)