Abstract
Network traffic has recently known tremendous growth, and it is set to explode over the next few years. Alongside the increase in traffic, network attacks have become more complex, advanced, and efficient. Therefore, intrusion detection systems (IDS), among other countermeasures, must be adapted accordingly to the development of new threats, which implies the design of new detection methods with better accuracy and adaptability characteristics. Furthermore, methods training and validation can be conducted only on the grounds of adequate datasets. Therefore, using updated datasets and efficient classifiers are key factors. In this paper, we introduce a new Deep Neural Network (DNN) based IDS model for network traffic classification. Experimental analysis is carried out using both the CICIDS2017 dataset, which contains many new and up-to-date attacks alongside the well-known NSL-KDD dataset. The results are analyzed based on different performance metrics. The proposed model proves an accuracy of 99.43% and 99.63% using CICIDS2017 and NSL-KDD datasets, respectively. Furthermore, the performance of the proposed DNN model has been compared with the most recent schemes and higher accuracy is achieved.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Abadi M, Agarwal A, Barham P, Brevdo E, Chen Z, Citro C, Corrado GS, Davis A, Dean J, Devin M, Ghemawat S (2016) Tensorflow: Large-scale machine learning on heterogeneous distributed systems. arXiv preprint arXiv:1603.04467
Abdulhammed R, Musafer H, Alessa A, Faezipour M, Abuzneid A (2019) Features dimensionality reduction approaches for machine learning based network intrusion detection. Electronics 8:322
Ahmim A, Maglaras L, Ferrag MA, Derdour M, Janicke H (2019) A novel hierarchical intrusion detection system based on decision tree and rules-based models. In: 2019 15th International conference on distributed computing in sensor systems (DCOSS), IEEE
Almi'ani M, Ghazleh AA, Al-Rahayfeh A, Razaque A (2018) Intelligent intrusion detection system using clustered self-organized map. In: Fifth international conference on software defined systems (SDS), pp 138–144
Boukhamla A, Coronel J (2018) CICIDS2017 dataset: performance improvements and validation as a robust intrusion detection system testbed. Int J Inform Comput Secur 9
Chandrashekhar AM, Raghuveer K (2014) Improvising an intrusion detection precision of ANN based hybrid NIDS by incorporating various data normalization techniques—a performance appraisal. Int J Res Eng Adv Technol 2(2):1–7
Chiba Z, Abghour N, Moussaid K, El-omri A, Rida M (2018) A novel architecture combined with optimal parameters for back propagation neural networks applied to anomaly network intrusion detection. Comput Secur. https://doi.org/10.1016/j.cose.2018.01.023
Dhanabal L, Shantharajah SP (2015) A study on NSL-KDD dataset for intrusion detection system based on classification algorithms. Int J Adv Res Comput Commun Eng 4(6):2319–5940
Gaidhane R, Vaidya C, Raghuwanshi M (2014) Intrusion detection and attack classification using back-propagation neural network. Int J Eng Res Technol 3(3):1112–1115
Gharib A, Sharafaldin I, Lashkari AH, Ghorbani AA (2016) An evaluation framework for intrusion detection dataset. In: International conference on information science and security (ICISS), IEEE.
Ghosh P, Mandal AK, Kumar R (2015) An efficient cloud network intrusion detection system. Information systems design and intelligent applications. Springer, Berlin, pp 91–99
Gogoi P, Bhattacharyya DK, Borah B, Kalita JK (2014) MLH-IDS: a multi-level hybrid intrusion detection method. Comput J 57(4):602–623. https://doi.org/10.1093/comjnl/bxt044
Hosseini S (2020) A new machine learning method consisting of GA-LR and ANN for attack detection. Wirel Netw 26(6):4149–4162
Jayalakshmi T, Santhakumaran A (2011) Statistical normalization and back propagation for classification. Int J Comput Theory Eng 3(1):1793–8201
Jyothsna VV, Prasad VR, Prasad KM (2011) A review of anomaly based intrusion detection systems. Int J Comput Appl 28(7):26–35
Karsoliya S (2012) Approximating number of hidden layer neurons in multiple hidden layer BPNN architecture. Int J Eng Trends Technol 3(6):714–717
Kim DE, Gofman M (2018) Comparison of shallow and deep neural networks for network intrusion detection. In: Computing and communication workshop and conference (CCWC) 2018 IEEE 8th Annual, pp 204–208
Kruegel C, Mutz D, Robertson W, Valeur F (2003) Bayesian event classification for intrusion detection. In: 19th Annual computer security applications conference, Proceedings. Las Vegas, NV, USA, 2003, pp 14–23
Kumar V (2012) Signature based intrusion detection system using SNORT. Int J Comput Appl Inf Technol 1(3):35–41
Kumar S, Yadav A (2014) Increasing performance of intrusion detection system using neural network. In: International conference advanced communication control and computing technologies (ICACCCT), IEEE, pp 546–550. https://doi.org/10.1109/icaccct.2014.7019145
Lokeswari N, Rao BC (2016) Artificial neural network classifier for intrusion detection system in computer network. In: Proceedings of the second international conference on computer and communication technologies, Springer India, pp 581–591. https://doi.org/10.1109/NCC.2016.7561088
Mukhopadhyay I, Chakraborty M, Chakrabarti S, Chatterjee T (2011) Back propagation neural network approach to Intrusion Detection System. In: Recent trends in information systems (ReTIS), IEEE, pp 303–308
Ring M, Wunderlich S, Scheuring D, Landes D, Hotho A (2019) A survey of network-based intrusion detection data sets. Comput Secur 86:147–167
Sen R, Chattopadhyay M, Sen N (2015) An efficient approach to develop an intrusion detection system based on multi-layer backpropagation neural network algorithm: IDS using BPNN algorithm. In: Proceedings of the 2015 ACM SIGMIS conference on computers and people research, ACM, pp 105–108
Shah B, Trivedi BH (2012) Artificial neural network based intrusion detection system: a survey. Int J Comput Appl 39(6):13–18. https://doi.org/10.5120/4823-7074
Sharafaldin I, Lashkari AH, Ghorbani AA (2018) Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: 4th international conference on information systems security and privacy (ICISSP), Portugal
Subba B, Biswas S, Karmakar S (2016) A neural network based system for intrusion detection and attack classification. In: 2016 Twenty second national conference on communication (NCC), Guwahati, pp 1–6
Tavallaee M, Bagheri E, Lu W, Ghorbani A (2009) A detailed analysis of the KDD CUP 99 data set. In: Submitted to second IEEE symposium on computational intelligence for security and defense applications (CISDA), pp 1–6
UNB (2020) Nsl-kdd data set for network-based intrusion detection systems. http://nsl.cs.unb.ca/kdd/nslkdd.html. Accessed 14 Aug 2019
Wolpert DH, Macready WG (1997) No free lunch theorems for optimization. IEEE Trans Evol Comput 1(1):67–82
Yulianto A, Sukarno P, Suwastika NA (2019) Improving AdaBoost-based intrusion detection system IDS performance on CICIDS-2017 Dataset. J Phys Conf Ser 1192:12–18
Zhou Z, Zhongwen C, Tiecheng Z, Xiaohui G (2010) The study on network intrusion detection system of Snort. In: 2010 International conference on networking and digital society, Wenzhou, pp 194–196
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Azzaoui, H., Boukhamla, A.Z.E., Arroyo, D. et al. Developing new deep-learning model to enhance network intrusion classification. Evolving Systems 13, 17–25 (2022). https://doi.org/10.1007/s12530-020-09364-z
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12530-020-09364-z