Abstract
Recently, intrusion detection systems (IDS) have been introduced to effectively secure networks. Using neural networks and machine learning in detecting and classifying intrusions are powerful alternative solutions. In this research paper, both of Gradient descent with momentum (GDM)-based back-propagation (BP) and Gradient descent with momentum and adaptive gain (GDM/AG)-based BP algorithms are utilized for training neural networks to operate like IDS. To investigate the efficiency of the two proposed learning schemes, a neural network based IDS is built using the proposed learning algorithms. The efficiency of both algorithms is inspected in terms of convergence speed to achieve system learning, and elapsed learning time using various settings of neural network parameters. The result demonstrated that the GDM/AG-based BP learning algorithm outperforms the GDM-based BP learning algorithm.
Similar content being viewed by others
References
Dass, M., Cannady, J., & Potter, W. D. (2003). Learning intrusion detection system. In The 16th international flairs conference (pp. 12–16), St. Augustine, Florida, May 12–14, 2003.
Cannady, J. (1998). Artificial neural networks for misuse detection. In National information systems security conference.
Valdes, A., & Anderson, D. (1995). Statistical methods for computer usage anomaly detection using NIDES. SRI International: Technical report.
Elfeshawy, N. A., & Faragallah, Osama S. (2013). Divided two-part adaptive intrusion detection system. Wireless Networks, 19, 301–321.
Zhang, Z., Li, J., Manikopoulos, C., Jorgenson, J., & Ucles, J. (2001). A hierarchical anomaly network intrusion detection system using neural network classification. In WSES International conference on: Neural networks and applications (NNA 01), February 2001.
Vinchurkar, D. P., & Reshamwala, A. (2012). A review of intrusion detection system using neural network and machine learning technique. International Journal of Engineering Science and Innovative Technology (IJESIT), 1(2), 54–63.
Sebring, M., Shellhouse, E., Hanna, M., & Whitehurst, R. (1988). Expert systems in intrusion detection: A case study. In Proceedings of the 11th national computer security conference.
Shin, M., & Park, C. (2000). A radial basis function approach to pattern recognition and its applications. ETRI Journal, 22(2), 1–10.
Picton, P. (2000). Neural networks (2nd ed.)., Grassroots series (Palgrave (Firm)) Basingstoke: Palgrave.
Montazer, G. A., Sabzevari, R., & Khatir, H. G. (2007). Improvement of learning algorithms for RBF neural networks in a helicopter sound identification system. Neurocomputing, 71(1–3), 167–173.
Lee, S. C., & Heinbuch, D. V. (2001). Training a neural network based intrusion detector to recognize novel attacks. IEEE Transactions on Systems Management and Cybernetics, 31(4), 294–299.
Dao, V., & Vemuri, R. (2001). Performance of neural networks methods in intrusion detection. Washington: Cyber Defense Initiative.
Amini, M., et al. (2004). Network-based intrusion detection using unsupervised adaptive resonance theory (ART). In Published in the proceedings of the 4th conference on engineering of intelligent systems (EIS 2004), Madeira, Portugal.
Ryan, J., Lin, M.-J., & Miikkulainen, R. (1998). Intrusion detection with neural networks. Austin: The University of Texas at Austin.
Allen, J., Christie, A., & Fithen, W. (2000). State of the practice of intrusion detection technologies. In Networked systems survivability program, January 2000.
Mukkamala, S., Janoski, G., & Sung, A. H. (2002). Intrusion detection using neural networks and support vector machines. In Proceedings of IEEE international joint conference on neural networks.
Sung, A., & Mukkamala, S. (2003). Identifying important features for intrusion detection using support vector machines and neural networks. In Symposium on applications and the internet (pp. 209–216).
Oryspayuli, O. D. (2006). What intrusion detection approaches work well if only TCP/IP packet header information is available?. Master Thesis, Faculty of Electrical Engineering, Mathematics and Computer Science, University of Twente, Enschede, The Netherlands, August 2006.
Modi, C., Patel, D., Borisaniya, B., Pate, H., Patel, A., & Rajarajan, M. (2013). A survey of intrusion detection techniques in Cloud. Journal of Network and Computer Applications, 36, 42–57.
Cannady, J. (1998). Applying neural networks for misuse detection. In Proceedings of 21st national information systems security conference (pp. 368–381).
Satpute, K., Agrawa, S., Agrawal, J., & Sharma, S., (2013) Survey on anomaly detection in network intrusion detection system using particle swarm optimization based machine learning techniques. In Proceedings of the international conference on frontiers of intelligent computing: Theory and applications (FICTA) advances in intelligent systems and computing (Vol. 199, pp. 441–452).
Carlson, M., & Scharlott, A. (2006). Intrusion detection and prevention systems. In CS536 May 05, 2006.
Alfantookh, A. A. (2006). DoS attacks intelligent detection using neural networks. Journal of King Saud University-Computer and Information Sciences, 18, 27–45.
Anderson, J. P. (1980). Computer security threat monitoring and surveillance, Technical report. Fort Washington, Pennsylvania: James P. Anderson Co.
Lu, K., Chen, Z., Jin, Z., & Guo, J. (2003). An adaptive real-time intrusion detection system using sequences of system call. In CCECE 2003.
Dutkevyach, T., Piskozub, A., & Tymoshyk, N. (2007). Real-time intrusion prevention and anomaly analyze system for corporate networks. In Fourth IEEE workshop on intelligent data acquisition and advanced computing systems: Technology and applications, IDAACS 2007 (pp. 599–602).
Zhengbing, H., Jun, S., & Shirochin, V. P. (2007). An intelligent lightweight intrusion detection system with forensic technique. In: 4th IEEE workshop on intelligent data acquisition and advanced computingsystems: Technology and applications, IDAACS 2007 (pp. 647–51).
Gu, C., & Zhang, X. (2009). A rough set and SVM based intrusion detection classifier. In Second international workshop on computer science and engineering.
Xia, Y.-X., Shi, Z.-C., Hu, Z.-H. (2009). An incremental SVM for intrusion detection based on key feature selection. In 3rd international symposium on intelligent information technology application, 2009.
Chen, R.-C., Cheng, K.-F., & Hsieh, C.-F. (2009). Using rough set and support vector machine for network intrusion detection. International Journal of Network Security & Its Applications (IJNSA), 1(1), 465–470.
Heba, F. E., Ashraf, D., Hassanien, A. E., & Abraham, A. (2010). Principle components analysis and support vector machine based intrusion detection system. In 10th international conference on Intelligent Systems Design and Applications (ISDA) (pp. 363–367). IEEE.
Shingo, M., Ci, C., Nannan, L., Kaoru, S., & Kotaro, H. (2011). An intrusion-detection model based on fuzzy class-association-rule mining using genetic network programming. IEEE Transactions On Systems, Man, and Cybernetics—Part C: Applications And Reviews 41(1).
Karthick, R. R., Hattiwale, V. P., & Balaraman, R. (2012). Adaptive network intrusion detection system using a hybrid approach. New York: IEEE.
Yogita B. Bhavsa and, Kalyani C.Waghmare, “intrusion Detection System Using Data Mining Technique: Support Vector Machine”, Int. J. of Emerging Technology and Advanced Engineering, Vol. 3, Issue 3, March 2013.
Han, H., Lu, X. L., Ren, L. Y. (2002). Using data mining to discover signatures in network-based intrusion detection. In Proceedings of the first international conference on machine learning and cybernetics (Vol. 1), Beijing.
Zhengbing, H, Zhitang, L., Jumgi, W. (2008). Novel A. Intrusion detection system (NIDS) based on signature search of data mining. In WKDD First Int. Workshop on Knowledge discovery and Data Ming; 2008 (pp. 6–10).
Lei, L., Yang, D.-Z., Shen, F.-C. (2010) A novel rule based intrusion detection system using data ming. In 3rd IEEE international conference on computer science and information technology 2010 (Vol. 6(1), pp. 69–72).
Ektefa, M., Dept. of IS, UPM, Serdang, Malaysia, Memar, S., Sidi, F., & Affendey, L. S. (2010) Intrusion detection using data mining techniques. In: Proceedings of international conference on information retrieval & knowledge management, (CAMP 2010) (pp. 17–18). March, 2010.
Nadiammai, G. V., & Hemalatha, M. (2014). Effective approach toward intrusion detection system using data mining techniques. Egyptian Informatics Journal, 15, 37–50.
Shyu, M. L, Chen, S. C., Sarinnapakorn, K., & Chang, L. (2003). A novel anomaly detection scheme based on principal component classifier. In IEEE foundations and new directions of data mining workshop (pp. 172–179), Nov 2003.
Ye, N., & Chen, Q. (2001). An anomaly detection technique based on a chi square statistic for detecting intrusions into information systems. Quality and Reliability Eng. Int’l, 17(2), 105–112.
Davis, J. J., & Clark, A. J. (2011). Data preprocessing for anomaly based network intrusion detection: Review. Computers & Security, 30, 353–375.
Jin, S., Yeung, D. S., & Wang, X. (2007). Network intrusion detection in covariance feature space. Pattern Recognition, 40, 2185–2197.
Wang, W., Zhang, X., & Gombault, S. (2009). Constructing attribute weights from computer audit data for effective intrusion detection. Journal of Systems and Software, 82, 1974–1981.
Casas, P., Mazel, J., & Owezarski, P. (2012). Unsupervised network intrusion detection systems: detecting the unknown without knowledge. Computer Communications, 35, 772–783.
Om, H., & Hazra, T. (2012). Statistical techniques in anomaly intrusion detection system. International Journal of Advances in Engineering & Technology, 387–398
Chen, Z., Qian, P., & Chen, Z. (2009). Application of PSO-RBF neural network in network intrusion detection. In Proceedings of the 3rd international symposium on intelligent information technology application (pp. 362–364).
Liu, Y. (2011). QPSO-optimized RBF neural network for network anomaly detection. Journal of Information & Computational Science, 8(9), 1479–1485.
Xu, R., Rui, A., & Xiao, F. (2011). Research intrusion detection based PSO-RBF classifier. In: Proceedings of IEEE 2nd international conference on software engineering and service science (ICSESS) (pp. 104–107).
Sayed, H. I. (2010). Utilization of neural networks for network intrusion detection systems. MSc Thesis, Department of Computer Science and Engineering, Faculty of Electronic Engineering, Menoufia University.
Sayed, H. I., Faragallah, O. S., & El-Fishawy, N. A. (2009). Neural network algorithms performance measure for intrusion detection. In Proceedings of the international computer engineering conference, (ICENCO), Cairo, Egypt, EG06.
Nawi, N. M., Ransing, M. R., & Ransing, R. S. (2007). An improved conjugate gradient based learning algorithm for back propagation neural networks. International Journal of Computational Intelligence, 4(1), 46–55.
Nawi, N. M., Ransing, R. S., Salleh, M. N. M., Ghazali, R., & Hamid, N. A. (2010). An Improved Back Propagation Neural Network Algorithm on Classification Problems. In DTA/BSBT 2010, CCIS 118 (pp. 177–188).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Ahmed, H.I., Elfeshawy, N.A., Elzoghdy, S.F. et al. A Neural Network-Based Learning Algorithm for Intrusion Detection Systems. Wireless Pers Commun 97, 3097–3112 (2017). https://doi.org/10.1007/s11277-017-4663-8
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-017-4663-8