Skip to main content
SpringerLink
Log in

A Neural Network-Based Learning Algorithm for Intrusion Detection Systems

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Recently, intrusion detection systems (IDS) have been introduced to effectively secure networks. Using neural networks and machine learning in detecting and classifying intrusions are powerful alternative solutions. In this research paper, both of Gradient descent with momentum (GDM)-based back-propagation (BP) and Gradient descent with momentum and adaptive gain (GDM/AG)-based BP algorithms are utilized for training neural networks to operate like IDS. To investigate the efficiency of the two proposed learning schemes, a neural network based IDS is built using the proposed learning algorithms. The efficiency of both algorithms is inspected in terms of convergence speed to achieve system learning, and elapsed learning time using various settings of neural network parameters. The result demonstrated that the GDM/AG-based BP learning algorithm outperforms the GDM-based BP learning algorithm.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

References

  1. Dass, M., Cannady, J., & Potter, W. D. (2003). Learning intrusion detection system. In The 16th international flairs conference (pp. 12–16), St. Augustine, Florida, May 12–14, 2003.

  2. Cannady, J. (1998). Artificial neural networks for misuse detection. In National information systems security conference.

  3. Valdes, A., & Anderson, D. (1995). Statistical methods for computer usage anomaly detection using NIDES. SRI International: Technical report.

    Google Scholar 

  4. Elfeshawy, N. A., & Faragallah, Osama S. (2013). Divided two-part adaptive intrusion detection system. Wireless Networks, 19, 301–321.

    Article  Google Scholar 

  5. Zhang, Z., Li, J., Manikopoulos, C., Jorgenson, J., & Ucles, J. (2001). A hierarchical anomaly network intrusion detection system using neural network classification. In WSES International conference on: Neural networks and applications (NNA 01), February 2001.

  6. Vinchurkar, D. P., & Reshamwala, A. (2012). A review of intrusion detection system using neural network and machine learning technique. International Journal of Engineering Science and Innovative Technology (IJESIT), 1(2), 54–63.

    Google Scholar 

  7. Sebring, M., Shellhouse, E., Hanna, M., & Whitehurst, R. (1988). Expert systems in intrusion detection: A case study. In Proceedings of the 11th national computer security conference.

  8. Shin, M., & Park, C. (2000). A radial basis function approach to pattern recognition and its applications. ETRI Journal, 22(2), 1–10.

    Article  Google Scholar 

  9. Picton, P. (2000). Neural networks (2nd ed.)., Grassroots series (Palgrave (Firm)) Basingstoke: Palgrave.

    Google Scholar 

  10. Montazer, G. A., Sabzevari, R., & Khatir, H. G. (2007). Improvement of learning algorithms for RBF neural networks in a helicopter sound identification system. Neurocomputing, 71(1–3), 167–173.

    Article  Google Scholar 

  11. Lee, S. C., & Heinbuch, D. V. (2001). Training a neural network based intrusion detector to recognize novel attacks. IEEE Transactions on Systems Management and Cybernetics, 31(4), 294–299.

    Article  Google Scholar 

  12. Dao, V., & Vemuri, R. (2001). Performance of neural networks methods in intrusion detection. Washington: Cyber Defense Initiative.

    Google Scholar 

  13. Amini, M., et al. (2004). Network-based intrusion detection using unsupervised adaptive resonance theory (ART). In Published in the proceedings of the 4th conference on engineering of intelligent systems (EIS 2004), Madeira, Portugal.

  14. Ryan, J., Lin, M.-J., & Miikkulainen, R. (1998). Intrusion detection with neural networks. Austin: The University of Texas at Austin.

    Google Scholar 

  15. Allen, J., Christie, A., & Fithen, W. (2000). State of the practice of intrusion detection technologies. In Networked systems survivability program, January 2000.

  16. Mukkamala, S., Janoski, G., & Sung, A. H. (2002). Intrusion detection using neural networks and support vector machines. In Proceedings of IEEE international joint conference on neural networks.

  17. Sung, A., & Mukkamala, S. (2003). Identifying important features for intrusion detection using support vector machines and neural networks. In Symposium on applications and the internet (pp. 209–216).

  18. Oryspayuli, O. D. (2006). What intrusion detection approaches work well if only TCP/IP packet header information is available?. Master Thesis, Faculty of Electrical Engineering, Mathematics and Computer Science, University of Twente, Enschede, The Netherlands, August 2006.

  19. Modi, C., Patel, D., Borisaniya, B., Pate, H., Patel, A., & Rajarajan, M. (2013). A survey of intrusion detection techniques in Cloud. Journal of Network and Computer Applications, 36, 42–57.

    Article  Google Scholar 

  20. Cannady, J. (1998). Applying neural networks for misuse detection. In Proceedings of 21st national information systems security conference (pp. 368–381).

  21. Satpute, K., Agrawa, S., Agrawal, J., & Sharma, S., (2013) Survey on anomaly detection in network intrusion detection system using particle swarm optimization based machine learning techniques. In Proceedings of the international conference on frontiers of intelligent computing: Theory and applications (FICTA) advances in intelligent systems and computing (Vol. 199, pp. 441–452).

  22. Carlson, M., & Scharlott, A. (2006). Intrusion detection and prevention systems. In CS536 May 05, 2006.

  23. Alfantookh, A. A. (2006). DoS attacks intelligent detection using neural networks. Journal of King Saud University-Computer and Information Sciences, 18, 27–45.

    Article  Google Scholar 

  24. Anderson, J. P. (1980). Computer security threat monitoring and surveillance, Technical report. Fort Washington, Pennsylvania: James P. Anderson Co.

  25. Lu, K., Chen, Z., Jin, Z., & Guo, J. (2003). An adaptive real-time intrusion detection system using sequences of system call. In CCECE 2003.

  26. Dutkevyach, T., Piskozub, A., & Tymoshyk, N. (2007). Real-time intrusion prevention and anomaly analyze system for corporate networks. In Fourth IEEE workshop on intelligent data acquisition and advanced computing systems: Technology and applications, IDAACS 2007 (pp. 599–602).

  27. Zhengbing, H., Jun, S., & Shirochin, V. P. (2007). An intelligent lightweight intrusion detection system with forensic technique. In: 4th IEEE workshop on intelligent data acquisition and advanced computingsystems: Technology and applications, IDAACS 2007 (pp. 647–51).

  28. Gu, C., & Zhang, X. (2009). A rough set and SVM based intrusion detection classifier. In Second international workshop on computer science and engineering.

  29. Xia, Y.-X., Shi, Z.-C., Hu, Z.-H. (2009). An incremental SVM for intrusion detection based on key feature selection. In 3rd international symposium on intelligent information technology application, 2009.

  30. Chen, R.-C., Cheng, K.-F., & Hsieh, C.-F. (2009). Using rough set and support vector machine for network intrusion detection. International Journal of Network Security & Its Applications (IJNSA), 1(1), 465–470.

    Google Scholar 

  31. Heba, F. E., Ashraf, D., Hassanien, A. E., & Abraham, A. (2010). Principle components analysis and support vector machine based intrusion detection system. In 10th international conference on Intelligent Systems Design and Applications (ISDA) (pp. 363–367). IEEE.

  32. Shingo, M., Ci, C., Nannan, L., Kaoru, S., & Kotaro, H. (2011). An intrusion-detection model based on fuzzy class-association-rule mining using genetic network programming. IEEE Transactions On Systems, Man, and Cybernetics—Part C: Applications And Reviews 41(1).

  33. Karthick, R. R., Hattiwale, V. P., & Balaraman, R. (2012). Adaptive network intrusion detection system using a hybrid approach. New York: IEEE.

    Google Scholar 

  34. Yogita B. Bhavsa and, Kalyani C.Waghmare, “intrusion Detection System Using Data Mining Technique: Support Vector Machine”, Int. J. of Emerging Technology and Advanced Engineering, Vol. 3, Issue 3, March 2013.

  35. Han, H., Lu, X. L., Ren, L. Y. (2002). Using data mining to discover signatures in network-based intrusion detection. In Proceedings of the first international conference on machine learning and cybernetics (Vol. 1), Beijing.

  36. Zhengbing, H, Zhitang, L., Jumgi, W. (2008). Novel A. Intrusion detection system (NIDS) based on signature search of data mining. In WKDD First Int. Workshop on Knowledge discovery and Data Ming; 2008 (pp. 6–10).

  37. Lei, L., Yang, D.-Z., Shen, F.-C. (2010) A novel rule based intrusion detection system using data ming. In 3rd IEEE international conference on computer science and information technology 2010 (Vol. 6(1), pp. 69–72).

  38. Ektefa, M., Dept. of IS, UPM, Serdang, Malaysia, Memar, S., Sidi, F., & Affendey, L. S. (2010) Intrusion detection using data mining techniques. In: Proceedings of international conference on information retrieval & knowledge management, (CAMP 2010) (pp. 17–18). March, 2010.

  39. Nadiammai, G. V., & Hemalatha, M. (2014). Effective approach toward intrusion detection system using data mining techniques. Egyptian Informatics Journal, 15, 37–50.

    Article  Google Scholar 

  40. Shyu, M. L, Chen, S. C., Sarinnapakorn, K., & Chang, L. (2003). A novel anomaly detection scheme based on principal component classifier. In IEEE foundations and new directions of data mining workshop (pp. 172–179), Nov 2003.

  41. Ye, N., & Chen, Q. (2001). An anomaly detection technique based on a chi square statistic for detecting intrusions into information systems. Quality and Reliability Eng. Int’l, 17(2), 105–112.

    Article  Google Scholar 

  42. Davis, J. J., & Clark, A. J. (2011). Data preprocessing for anomaly based network intrusion detection: Review. Computers & Security, 30, 353–375.

    Article  Google Scholar 

  43. Jin, S., Yeung, D. S., & Wang, X. (2007). Network intrusion detection in covariance feature space. Pattern Recognition, 40, 2185–2197.

    Article  MATH  Google Scholar 

  44. Wang, W., Zhang, X., & Gombault, S. (2009). Constructing attribute weights from computer audit data for effective intrusion detection. Journal of Systems and Software, 82, 1974–1981.

    Article  Google Scholar 

  45. Casas, P., Mazel, J., & Owezarski, P. (2012). Unsupervised network intrusion detection systems: detecting the unknown without knowledge. Computer Communications, 35, 772–783.

    Article  Google Scholar 

  46. Om, H., & Hazra, T. (2012). Statistical techniques in anomaly intrusion detection system. International Journal of Advances in Engineering & Technology, 387–398

  47. Chen, Z., Qian, P., & Chen, Z. (2009). Application of PSO-RBF neural network in network intrusion detection. In Proceedings of the 3rd international symposium on intelligent information technology application (pp. 362–364).

  48. Liu, Y. (2011). QPSO-optimized RBF neural network for network anomaly detection. Journal of Information & Computational Science, 8(9), 1479–1485.

    Google Scholar 

  49. Xu, R., Rui, A., & Xiao, F. (2011). Research intrusion detection based PSO-RBF classifier. In: Proceedings of IEEE 2nd international conference on software engineering and service science (ICSESS) (pp. 104–107).

  50. Sayed, H. I. (2010). Utilization of neural networks for network intrusion detection systems. MSc Thesis, Department of Computer Science and Engineering, Faculty of Electronic Engineering, Menoufia University.

  51. Sayed, H. I., Faragallah, O. S., & El-Fishawy, N. A. (2009). Neural network algorithms performance measure for intrusion detection. In Proceedings of the international computer engineering conference, (ICENCO), Cairo, Egypt, EG06.

  52. Nawi, N. M., Ransing, M. R., & Ransing, R. S. (2007). An improved conjugate gradient based learning algorithm for back propagation neural networks. International Journal of Computational Intelligence, 4(1), 46–55.

    Google Scholar 

  53. Nawi, N. M., Ransing, R. S., Salleh, M. N. M., Ghazali, R., & Hamid, N. A. (2010). An Improved Back Propagation Neural Network Algorithm on Classification Problems. In DTA/BSBT 2010, CCIS 118 (pp. 177–188).

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Faculty of Electronic Engineering, Menoufia University, Menouf, 32952, Egypt

    Hassan I. Ahmed, Nawal A. Elfeshawy & Osama S. Faragallah

  2. Department of Mathematics and Computer Science, Faculty of Science, Menoufia University, Shebin El-kom, Egypt

    S. F. Elzoghdy

  3. Department of Electrical Engineering, Faculty of Engineering, Menoufia University, Shebin El-kom, 32511, Egypt

    Hala S. El-sayed

  4. Department of Information Technology, College of Computers and Information Technology, Taif University, Al-Hawiya, 21974, Kingdom of Saudi Arabia

    S. F. Elzoghdy & Osama S. Faragallah

Authors
  1. Hassan I. Ahmed
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Nawal A. Elfeshawy
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. S. F. Elzoghdy
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Hala S. El-sayed
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Osama S. Faragallah
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Osama S. Faragallah.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Ahmed, H.I., Elfeshawy, N.A., Elzoghdy, S.F. et al. A Neural Network-Based Learning Algorithm for Intrusion Detection Systems. Wireless Pers Commun 97, 3097–3112 (2017). https://doi.org/10.1007/s11277-017-4663-8

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-017-4663-8

Keywords

Search

Navigation