Session-Based Network Intrusion Detection Using a Deep Learning Architecture

  • Conference paper
Modeling Decisions for Artificial Intelligence (MDAI 2017)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 10571)

Abstract

Intrusion detection is crucial to prevent computer systems from being compromised. However, as numerous complicated attack types have appeared and evolved in recent years, obtaining high detection rates is increasingly difficult. Also, traditional, heavily hand-crafted evaluation datasets for network intrusion detection have not been practical. In addition, deep learning techniques have shown extraordinary capabilities in various application fields. The primary goal of this research is to use unsupervised deep learning techniques to automatically learn essential features from raw network traffic and achieve high detection accuracy. In this paper, we propose a session-based network intrusion detection model using a deep learning architecture. Comparative experiments demonstrate that the proposed model achieves very high performance in detecting botnet network traffic.

Acknowledgements

This work is supported by the National Natural Science Foundation of China under Grant Nos. 61379145, 61105050.

Corresponding author

Correspondence to Zhiping Cai.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Yu, Y., Long, J., Cai, Z. (2017). Session-Based Network Intrusion Detection Using a Deep Learning Architecture. In: Torra, V., Narukawa, Y., Honda, A., Inoue, S. (eds) Modeling Decisions for Artificial Intelligence. MDAI 2017. Lecture Notes in Computer Science, vol 10571. Springer, Cham. https://doi.org/10.1007/978-3-319-67422-3_13

  • DOI: https://doi.org/10.1007/978-3-319-67422-3_13

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-67421-6

  • Online ISBN: 978-3-319-67422-3

  • eBook Packages: Computer Science (R0)
