Abstract
In recent years, with the growth of the Internet and network devices, a significant amount of information has been exposed to attackers and intruders. Exploiting vulnerabilities in systems, adversaries devise new ways of intruding into networks. Many Intrusion Detection Systems (IDSs) have been developed to protect networks from malicious attacks and to ensure reliability and availability within organizations. IDSs built using various machine learning and data mining techniques are effective in detecting attacks. However, their performance decreases as the size of the data increases. In this paper, we focus on developing an IDS model using Logical Analysis of Data (LAD). It is a supervised learning technique where patterns are generated using partially defined Boolean functions (pdBf), which can detect attacks based on certain features of the data. We compare the performance of the LAD model with Deep Neural Network (DNN) and Convolutional Neural Network (CNN) IDS models. The UNSW-NB15 and CSE-CIC-IDS2018 datasets are used for training and testing our proposed model. The results show that the performance of the LAD model is competitive with CNN, DNN and other existing IDS models based on accuracy, precision, recall and F1 score.
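A small illustration of the pattern idea the abstract describes, added here and not taken from the paper: a pdBf is given by attack (true) and normal (false) points, and a positive pattern is a conjunction of literals that covers at least one attack point and no normal point. The feature names, the binarized records and the degree-2 enumeration are assumptions made for this example, not the authors' features or procedure.

```python
from itertools import combinations, product

# Constructed, already-binarized flow records (not from UNSW-NB15 or CSE-CIC-IDS2018).
# Hypothetical features: each bit is 1 when a numeric field exceeds an assumed cut-point.
FEATURES = ["high_rate", "short_dur", "many_syn", "large_payload"]
ATTACK = [(1, 1, 1, 0), (1, 0, 1, 0), (1, 1, 1, 1)]                # true points of the pdBf
NORMAL = [(0, 1, 0, 0), (1, 0, 0, 1), (0, 0, 1, 0), (0, 0, 0, 1)]  # false points of the pdBf


def covers(term, x):
    """A term is a dict {feature_index: required_bit}; it covers x if every literal holds."""
    return all(x[i] == b for i, b in term.items())


def positive_patterns(true_pts, false_pts, max_degree=2):
    """Enumerate prime positive patterns: terms covering >= 1 true point and no false point."""
    n = len(true_pts[0])
    found = []
    for degree in range(1, max_degree + 1):
        for idxs in combinations(range(n), degree):
            for bits in product((0, 1), repeat=degree):
                term = dict(zip(idxs, bits))
                # Not prime if a shorter pattern already found is contained in this term.
                if any(p.items() <= term.items() for p in found):
                    continue
                if any(covers(term, f) for f in false_pts):
                    continue
                if any(covers(term, t) for t in true_pts):
                    found.append(term)
    return found


def describe(term):
    """Render a term as a readable rule over the hypothetical feature names."""
    return " AND ".join(("" if b else "NOT ") + FEATURES[i] for i, b in sorted(term.items()))


def is_attack(x, patterns):
    """Extend the pdBf to unseen points: flag x if any positive pattern covers it."""
    return any(covers(p, x) for p in patterns)


PATTERNS = positive_patterns(ATTACK, NORMAL)

if __name__ == "__main__":
    for p in PATTERNS:
        print(describe(p))
```

Each pattern is a readable rule over named features, so an analyst can see which conjunction flagged a record.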
Authors’ Contributions
Conceptualization and Supervision: Sugata Gangopadhyay and Aditi Kar Gangopadhyay. Investigation, Software Implementation of LAD: Sneha Chauhan. Investigation, Software Implementation of CNN and DNN: Loreen Mahmoud. Writing Original Draft: Sneha Chauhan and Loreen Mahmoud.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Chauhan, S., Mahmoud, L., Gangopadhyay, S., Gangopadhyay, A.K. (2022). A Comparative Study of LAD, CNN and DNN for Detecting Intrusions. In: Yin, H., Camacho, D., Tino, P. (eds) Intelligent Data Engineering and Automated Learning – IDEAL 2022. IDEAL 2022. Lecture Notes in Computer Science, vol 13756. Springer, Cham. https://doi.org/10.1007/978-3-031-21753-1_43
DOI: https://doi.org/10.1007/978-3-031-21753-1_43
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-21752-4
Online ISBN: 978-3-031-21753-1
eBook Packages: Computer Science, Computer Science (R0)