Abstract
Intrusion detection becomes more and more essential to ensure cyberspace security. In fact, the detection is a process of classifying traffic data. However, attacks usually try to cover up themselves to be as similar as normal traffic to avoid being detected. This will cause a high degree of overlap among different classes in the input data, and affect the detection rate. In this paper, we propose a feature generation based prototypical network (FGPNetwork) model to solve overlapping data classification problem in intrusion detection. By analyzing the characteristics of data transmission in the network, we select the basic package characteristics and roughly divide them into several parts. Then, a contribution rate is used to calculate the specific contribution of basic features to classification. We order the features by rate descending in each part and generate the new features by Convolutional Neural Networks (CNN) with different kernels. The new features can obtain the intrinsic connection of original features and add more nonlinearity to the model. Finally, the combination of new features and original features will be input into the prototypical network. In prototypical network, data is mapped to a high-dimensional space, and separated by narrowing the distance of data and their respective cluster centers. Because of the uneven distribution of the intrusion detection dataset, we use undersampling method in each batch. The experimental result on NSL-KDD test dataset also shows that our model is better than other deep learning intrusion detection methods.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Roesch, M.: Snort - lightweight intrusion detection for networks. In: Proceedings of the 13th USENIX Conference on System Administration. Lisa 1999, vol. 99, pp. 229 (1999)
Yin, C., et al.: A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access 5, 21954–21961 (2017)
LeCun, Y., Bengio, Y., Hinton, G.: Deep learning. Nature 521(7553), 436 (2015)
Javaid, A., et al.: A deep learning approach for network intrusion detection system. In: ICST, pp. 21–26 (2016)
Shone, N., Ngoc, T.N., Phai, V.D., Shi, Q.: A deep learning approach to network intrusion detection. IEEE Trans. Emerg. Top. Comput. Intell. 2, 41 (2018)
Staudemeyer, R.C.: Applying long short-term memory recurrent neural networks to intrusion detection. S. Afr. Comput. J. 1(56), 136–154 (2015)
Lin, W., et al.: Using convolutional neural networks to network intrusion detection for cyber threats. In: 2018 IEEE International Conference on Applied System Invention (ICASI), pp. 1107–1110. IEEE (2018)
Snell, J., Swersky, K., Zemel, R.: Prototypical networks for few-shot learning, pp. 4077–4087 (2017)
Mishra, P., et al.: A detailed investigation and analysis of using machine learning techniques for intrusion detection. IEEE Commun. Surv. Tutorials 21(1), 686–728 (2018)
Barbara, D., Wu, N., Jajodia, S.: Detecting novel network intrusions using Bayes estimators, pp. 1–17 (2001)
Panda, M., Abraham, A., Patra, P.M, Discriminative multinomial naive Bayes for network intrusion detection, pp. 5–10 (2010)
Rajeswari, L.P., Kannan, A.: An intrusion detection system based on multiple level hybrid classifier using enhanced C4. 5, pp. 75–79. IEEE (2008)
Stein, G., et al.: Decision tree classifier for network intrusion detection with GA-based feature selection, pp. 136–141. ACM (2005)
Kabir, E., et al.: A novel statistical technique for intrusion detection systems. Future Gener. Comput. Syst. 79, 303–318 (2018)
Nskh, P., Varma, M.N., Naik, R.R.: Principle component analysis based intrusion detection system using support vector machine, pp. 1344–1350. IEEE (2016)
Chauhan, H., et al.: A Comparative study of classification techniques for intrusion detection, pp. 40–43 (2013)
Zhang, J., Zulkernine, M., Haque, A.: Random-forests-based network intrusion detection systems. IEEE Trans. Syst. Man Cybern. Part C (Appl. Rev.) 38(5), 649–659 (2008)
Tang, T.A., et al.: Deep learning approach for network intrusion detection in software defined networking, pp. 258–263. IEEE (2016)
Kim, J., et al.: Method of intrusion detection using deep neural network, pp. 313–316 (2017)
Min, E., et al.: TR-IDS: anomaly-based intrusion detection through text-convolutional neural network and random forest. Secur. Commun. Netw. 2018, 1–9 (2018)
Torres, P., et al.: An analysis of recurrent neural networks for botnet detection behavior, pp. 1–6 (2016)
Kim, J., et al.: Long short term memory recurrent neural network classifier for intrusion detection, pp. 1–5 (2016)
Convolutional Neural Networks – Basics (2017). https://mlnotebook.github.io/post/CNN1/
Derived Features. University Of California, I. (1999)
Acknowledgment
This work is supported by National Natural Science Foundation of China (U1636208, F020605) and the National Natural Science Foundation of China (Grant No. 61902013).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Wang, S., Xia, C., Wang, T. (2020). Feature Generation: A Novel Intrusion Detection Model Based on Prototypical Network. In: Wen, S., Zomaya, A., Yang, L. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2019. Lecture Notes in Computer Science(), vol 11944. Springer, Cham. https://doi.org/10.1007/978-3-030-38991-8_37
Download citation
DOI: https://doi.org/10.1007/978-3-030-38991-8_37
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-38990-1
Online ISBN: 978-3-030-38991-8
eBook Packages: Mathematics and StatisticsMathematics and Statistics (R0)