Skip to main content
Springer Nature Link
Log in

A WNN-Based Approach for Network Intrusion Detection

  • Conference paper
  • First Online:
Intelligent Distributed Computing XIV (IDC 2021)

Part of the book series: Studies in Computational Intelligence ((SCI,volume 1026))

Included in the following conference series:

  • 591 Accesses

Abstract

Nowadays, Intrusion Detection Systems (IDSs) are becoming more and more effective since they can benefit from the flexibility offered by Machine Learning (ML) techniques. In this work we investigate the potentiality of the Weightless Neural Networks (WNNs) as a classification method of network attacks. Traditionally, WNNs have been exploited in the image classification field and are implemented through the WiSARD algorithm. Interestingly, our analysis reveals that, applied to the IDS realm, WNNs offer surprising results in terms of performance/time complexity trade-off with respect to other ML-based techniques. The experimental assessment is carried on by considering one of the most updated datasets (CIC-IDS) in the field of the intrusion detection, where two exemplary attacks to be detected are considered: Distributed Denial of Service (DDoS) and PortScan.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Di Mauro, M., Di Sarno, C.: Improving SIEM capabilities through an enhanced probe for encrypted Skype traffic detection. J. Inf. Secur. Appl. 38, 85–95 (2018)

    Google Scholar 

  2. Di Mauro, M., Di Sarno, C.: A framework for internet data real-time processing: a machine-learning approach. In: 2014 International Carnahan Conference on Security Technology (ICCST), pp. 1–6 (2014)

    Google Scholar 

  3. Di Mauro, M., Longo, M.: Revealing encrypted WebRTC traffic via machine learning tools. In: 2015 12th International Joint Conference on e-Business and Telecommunications (ICETE), vol. 04, pp. 259–266 (2015)

    Google Scholar 

  4. Di Mauro, M., Longo, M.: Skype traffic detection: a decision theory based tool. In: 2014 International Carnahan Conference on Security Technology (ICCST), pp. 1–6 (2014)

    Google Scholar 

  5. Addesso, P., Cirillo, M., Di Mauro, M., Matta, V.: ADVoIP: adversarial detection of encrypted and concealed VoIP. IEEE Trans. Inf. Forensics Secur. 15, 943–958 (2020)

    Article  Google Scholar 

  6. Matta, V., Di Mauro, M., Longo, M., Farina, A.: Cyber-threat mitigation exploiting the birthâĂŞdeathâĂŞimmigration model. IEEE Trans. Inf. Forensics Secur. 13(12), 3137–3152 (2018)

    Article  Google Scholar 

  7. Addesso, P., Barni, M., Di Mauro, M., Matta, V.: Adversarial kendallâĂŹs model towards containment of distributed cyber-threats. IEEE Trans. Inf. Forensics Secur. 16, 3604–3619 (2021)

    Article  Google Scholar 

  8. Aleksander, I., Morton, H.: Introduction to Neural Computing. Chapman and Hall, London (1990)

    Google Scholar 

  9. Cauteruccio, F., Fortino, G., Guerrieri, A., Liotta, A., Mocanu, D.C., Perra, C., Terracina, G., Vega, M.T.: Short-long term anomaly detection in wireless sensor networks based on machine learning and multi-parameterized edit distance. Inf. Fusion 52, 13–30 (2019)

    Google Scholar 

  10. Erhan, L., Ndubuaku, M., Di Mauro, M., Song, W., Chen, M., Fortino, G., Bagdasar, O., Liotta, A.: Smart anomaly detection in sensor systems: a multi-perspective review. Inf. Fusion 67, 64–79 (2021)

    Article  Google Scholar 

  11. Cauteruccio, F., Cinelli, L., Corradini, E., Terracina, G., Ursino, D., Virgili, L., Savaglio, C., Liotta, A., Fortino, G.: A framework for anomaly detection and classification in multiple IoT scenarios. Futur. Gener. Comput. Syst. 114, 322–335 (2021)

    Article  Google Scholar 

  12. Yin, C., Zhu, Y., Fei, J., He, X.: A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access 5, 21954–21961 (2017)

    Article  Google Scholar 

  13. Ravipati, R., Munther, A.: A survey on different machine learning algorithms and weak classifiers based on KDD and NSL-KDD datasets. Int. J. Artif. Intell. Appl. 10, 01–11 (2019)

    Google Scholar 

  14. Azwar, H., Murtaz, M., Siddique, M., Rehman, S.: Intrusion detection in secure network for cybersecurity systems using machine learning and data mining. In: 2018 IEEE 5th International Conference on Engineering Technologies and Applied Sciences (ICETAS), pp. 1–9 (2018)

    Google Scholar 

  15. Kdd cup 1999 data.: http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html. Last accessed: 10 Sept 2021

  16. Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD CUP 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–6 (2009)

    Google Scholar 

  17. Khan, R.U., Zhang, X., Alazab, M., Kumar, R.: An improved convolutional neural network model for intrusion detection in networks. In: 2019 Cybersecurity and Cyberforensics Conference, pp. 74–77 (2019)

    Google Scholar 

  18. S. T. F. Al-Janabi and H. A. Saeed. A neural network based anomaly intrusion detection system. In Developments in E-systems Engineering, pages 221–226, 2011

    Google Scholar 

  19. Taher, K.A., Jisan, B.M.Y., Rahman, M.M.: Network intrusion detection using supervised machine learning technique with feature selection. In: 2019 International Conference on Robotics,Electrical and Signal Processing Techniques (ICREST), pp. 643–646 (2019)

    Google Scholar 

  20. Papamartzivanos, D., Marmol, F.G., Kambourakis, G.: Introducing deep learning self-adaptive misuse network intrusion detection systems. IEEE Access 7, 13546–13560 (2019)

    Google Scholar 

  21. Fernando, Z.T., Thaseen, I.S., Kumar, C.A.: Network attacks identification using consistency based feature selection and self organizing maps. In: First International Conference on Networks Soft Computing, pp. 162–166 (2014)

    Google Scholar 

  22. McElwee, S., Cannady, J.: Improving the performance of self-organizing maps for intrusion detection. In: SoutheastCon 2016, pp. 1–6 (2016)

    Google Scholar 

  23. Li-ying, C., Xiao-xian, Z., He, L., Gui-fen, C.: A network intrusion detection method based on combined model. In: International Conference on Mechatronic Science, Electric Engineering and Computer, pp. 254–257 (2011)

    Google Scholar 

  24. Al-Sultani, Z.N., Naoum, R.S.: Learning vector quantization (LVQ) and k-nearest neighbor for intrusion classification. World Comput. Sci. Inf. Technol. J. 2(3), 105–109 (2012)

    Google Scholar 

  25. The CSE-CIC-IDS2018 Dataset.: http://netflowmeter.cal. Last accessed: 10 Sept 2021

  26. Nguyen, T.T.T., Armitage, G.: A survey of techniques for internet traffic classification using machine learning. IEEE Commun. Surv. Tutor. 10(4), 56–76 (2008)

    Article  Google Scholar 

  27. Boutaba, R., Salahuddin, M.A., Limam, N., Ayoubi, S., Shahriar, N., Estrada-Solano, F., Caicedo, O.M.: A comprehensive survey on machine learning for networking: evolution, applications and research opportunities. J. Internet Serv. Appl. 9(1), 16 (2018)

    Article  Google Scholar 

  28. Hindy, H., Brosset, D., Bayne, E., Seeam, A., Tachtatzis, C., Atkinson, R., Bellekens, X.: A taxonomy and survey of intrusion detection system design techniques, network threats and datasets. CoRR (2018). arXiv:abs/1806.03517

  29. Khraisat, A., Gondal, I., Vamplew, P., Kamruzzaman, J.: Survey of intrusion detection systems: techniques, datasets and challenges. Cybersecurity 2(1), 20 (2019)

    Article  Google Scholar 

  30. Aldweesh, A., Derhab, A., Emam, A.: Deep learning approaches for anomaly-based intrusion detection systems: a survey, taxonomy, and open issues. Knowl.-Based Syst. 189, 105–124 (2020)

    Article  Google Scholar 

  31. Bowden, P., Alexander, I., Thomas, W.: Learning deep architectures for AI. Sens. Rev. 4(3), 120–124 (1984)

    Google Scholar 

  32. De Gregorio, M., Giordano, M.: An experimental evaluation of weightless neural networks for multi-class classification. Appl. Soft Comput. 72, 338–354 (2018)

    Article  Google Scholar 

  33. Di Mauro, M., Galatro, G., Fortino, G., Liotta, A.: Supervised feature selection techniques in network intrusion detection: a critical review. Eng. Appl. Artif. Intell. 101 (2021)

    Google Scholar 

  34. Matta, V., Di Mauro, M., Longo, M.: Botnet identification in randomized DDoS attacks. In: Proceedings of the 24th European Signal Processing Conference, pp. 2260–2264 (2016)

    Google Scholar 

  35. Cirillo, M., Di Mauro, M., Matta, V., Tambasco, M.: Botnet identification in DDoS attacks with multiple emulation dictionaries. IEEE Trans. Inf. Forensics Secur. 16, 3554–3569 (2021)

    Google Scholar 

  36. Cirillo, M., Di Mauro, M., Matta, V., Tambasco, M.: Application-layer DDoS attacks with multiple emulation dictionaries. In: IEEE ICASSP, pp. 2610–2614 (2021)

    Google Scholar 

  37. Di Mauro, M., Galatro, G., Liotta, A.: Experimental review of neural-based approaches for network intrusion management. IEEE Trans. Netw. Serv. Manage. 17(4), 2480–2495 (2020)

    Article  Google Scholar 

  38. Kohonen, T.: Self-Organizing Maps, 3rd edn. Springer, Berlin, Heidelberg (2001)

    Book  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Salerno, Fisciano, Italy

    Mario Di Mauro

  2. Amazon AWS, Seattle, Ireland

    Giovanni Galatro

  3. Free University of Bozen-Bolzano, Bolzano, Italy

    Antonio Liotta

Authors
  1. Mario Di Mauro
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Giovanni Galatro
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Antonio Liotta
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mario Di Mauro .

Editor information

Editors and Affiliations

  1. Computer Systems Engineering Department, Universidad Politécnica de Madrid, Madrid, Spain

    David Camacho

  2. DIIES Department, University of Reggio Calabria, Reggio Calabria, Italy

    Domenico Rosaci

  3. Department of Psychology, University of Milan Bicocca, Milan, Italy

    Giuseppe M. L. Sarné

  4. DICEAM Department, University of Reggio Calabria, Reggio Calabria, Italy

    Mario Versaci

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Di Mauro, M., Galatro, G., Liotta, A. (2022). A WNN-Based Approach for Network Intrusion Detection. In: Camacho, D., Rosaci, D., SarnĂ©, G.M.L., Versaci, M. (eds) Intelligent Distributed Computing XIV. IDC 2021. Studies in Computational Intelligence, vol 1026. Springer, Cham. https://doi.org/10.1007/978-3-030-96627-0_8

Download citation

Publish with us

Policies and ethics