ABSTRACT
Automated Intrusion Detection Systems (IDS) are the first line of defense that monitor network activity to profile and identify suspicious activity. This detection of intrusion is further complicated due to the emergence of sophisticated network based attacks that are difficult to identify. Deep learning approaches have proven to be effective in isolating such attacks through efficient identification of non-linear relationships in data. In this work, we propose a hierarchical Convolutional Neural Network approach , TreeNets, that can be used as an IDS to identify the attacks and segregate them into binary outcomes. The paper depicts the usage of Binary Grey Wolf Optimization approach for identifying the optimal set of features. We exhibit three variants of TreeNets and compare their performance against state of the art machine learning and deep learning models on the NSLKDD dataset. Experimental results depict a competitive performance with an accuracy of 82.16% and 66.37% on KDDTest+ and KDD-Test-21 respectively.
- James Bergstra, Rémi Bardenet, Yoshua Bengio, and Balázs Kégl. 2011. Algorithms for Hyper-Parameter Optimization. In Proceedings of the 24th International Conference on Neural Information Processing Systems (Granada, Spain) (NIPS’11). Curran Associates Inc., Red Hook, NY, USA, 2546–2554.Google ScholarDigital Library
- James Bergstra, Daniel Yamins, and David Cox. 2013. Making a science of model search: Hyperparameter optimization in hundreds of dimensions for vision architectures. In International conference on machine learning. JMLR.org, Atlanta, GA, USA, 115–123.Google Scholar
- Eid Emary, Hossam M Zawbaa, and Aboul Ella Hassanien. 2016. Binary grey wolf optimization approaches for feature selection. Neurocomputing 172(2016), 371–381.Google ScholarDigital Library
- Ruigang Fu, Biao Li, Yinghui Gao, and Ping Wang. 2018. CNN with coarse-to-fine layer for hierarchical classification. IET Computer Vision 12, 6 (2018), 892–899. https://doi.org/10.1049/iet-cvi.2017.0636Google ScholarDigital Library
- Cosimo Ieracitano, Ahsan Adeel, Francesco Carlo Morabito, and Amir Hussain. 2020. A novel statistical analysis and autoencoder driven intelligent intrusion detection approach. Neurocomputing 387(2020), 51–62.Google ScholarDigital Library
- Bhupendra Ingre and Anamika Yadav. 2015. Performance analysis of NSL-KDD dataset using ANN. In 2015 international conference on signal processing and communication engineering systems. IEEE, Ottawa, ON, Canada, 92–96. https://doi.org/10.1109/SPACES.2015.7058223Google ScholarCross Ref
- Yiling Jia, Nipun Batra, Hongning Wang, and Kamin Whitehouse. 2019. A Tree-Structured Neural Network Model for Household Energy Breakdown. In The World Wide Web Conference(WWW ’19). Association for Computing Machinery, New York, NY, USA, 2872–2878. https://doi.org/10.1145/3308558.3313405Google ScholarDigital Library
- Jie Jiang, Lei Liu, and Guangjun Zhang. 2019. Star Identification Based on Spider-Web Image and Hierarchical CNN. IEEE Trans. Aerospace Electron. Systems 56, 4 (2019), 3055–3062.Google ScholarCross Ref
- Kaiyuan Jiang, Wenya Wang, Aili Wang, and Haibin Wu. 2020. Network intrusion detection combined hybrid sampling with deep hierarchical network. IEEE Access 8(2020), 32464–32476.Google ScholarCross Ref
- Thi-Thu-Huong Le, Yongsu Kim, Howon Kim, 2019. Network intrusion detection based on novel feature selection model and various recurrent neural networks. Applied Sciences 9, 7 (2019), 1392.Google ScholarCross Ref
- Ji-Eun Lee, Min-Joo Kang, and Je-Won Kang. 2017. Ensemble of binary tree structured deep convolutional network for image classification. In 2017 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC). IEEE, Kuala Lumpur, Malaysia, 1448–1451.Google ScholarCross Ref
- Zhipeng Li, Zheng Qin, Kai Huang, Xiao Yang, and Shuxiong Ye. 2017. Intrusion detection using convolutional neural networks for representation learning. In International Conference on Neural Information Processing. Springer, Cham, 858–866.Google ScholarDigital Library
- Manuel Lopez-Martin, Belen Carro, and Antonio Sanchez-Esguevillas. 2020. Application of deep reinforcement learning to intrusion detection for supervised problems. Expert Systems with Applications 141 (2020), 112963.Google ScholarDigital Library
- P Macho, N Kurz, A Ulges, R Brylka, T Gietzen, and U Schwanecke. 2018. Segmenting teeth from volumetric ct data with a hierarchical cnn-based approach. In Computer Graphics and Visual Computing, CGVC 2018(CGVC ’18). Eurographics Association, Goslar, DEU, 109–113. https://doi.org/10.2312/cgvc.20181213Google ScholarDigital Library
- Pankaj Malhotra, Lovekesh Vig, Gautam Shroff, and Puneet Agarwal. 2015. Long short term memory networks for anomaly detection in time series. In Proceedings, Vol. 89. Presses universitaires de Louvain, 89–94.Google Scholar
- Xuehong Mao, Samer Hijazi, Raúl Casas, Piyush Kaul, Rishi Kumar, and Chris Rowen. 2016. Hierarchical CNN for traffic sign recognition. In 2016 IEEE Intelligent Vehicles Symposium (IV). IEEE, Gothenburg, 130–135.Google Scholar
- Seyedali Mirjalili, Seyed Mohammad Mirjalili, and Andrew Lewis. 2014. Grey wolf optimizer. Advances in engineering software 69 (2014), 46–61.Google Scholar
- Setareh Roshan, Yoan Miche, Anton Akusok, and Amaury Lendasse. 2018. Adaptive and online network intrusion detection system using clustering and extreme learning machines. Journal of the Franklin Institute 355, 4 (2018), 1752–1779.Google ScholarCross Ref
- Deboleena Roy, Priyadarshini Panda, and Kaushik Roy. 2020. Tree-CNN: A hierarchical Deep Convolutional Neural Network for incremental learning. Neural Networks 121(2020), 148 – 160. https://doi.org/10.1016/j.neunet.2019.09.010Google ScholarDigital Library
- Kamalakanta Sethi, E. Sai Rupesh, Rahul Kumar, Padmalochan Bera, and Y. Venu Madhav. 2020. A context-aware robust intrusion detection system: a reinforcement learning-based approach. Int. J. Inf. Secur. 19, 6 (Dec 2020), 657–678. https://doi.org/10.1007/s10207-019-00482-7Google ScholarDigital Library
- Mahbod Tavallaee, Ebrahim Bagheri, Wei Lu, and Ali A Ghorbani. 2009. A detailed analysis of the KDD CUP 99 data set. In 2009 IEEE symposium on computational intelligence for security and defense applications. IEEE, Ottawa, ON, 1–6.Google ScholarCross Ref
- Zhenhua Wang, Xingxing Wang, and Gang Wang. 2018. Learning fine-grained features via a CNN Tree for Large-scale Classification. Neurocomputing 275(2018), 1231 – 1240. https://doi.org/10.1016/j.neucom.2017.09.061Google ScholarCross Ref
- Chuanlong Yin, Yuefei Zhu, Jinlong Fei, and Xinzheng He. 2017. A deep learning approach for intrusion detection using recurrent neural networks. Ieee Access 5(2017), 21954–21961.Google ScholarCross Ref
- Kai Yue, Lei Yang, Ruirui Li, Wei Hu, Fan Zhang, and Wei Li. 2019. TreeUNet: Adaptive Tree convolutional neural networks for subdecimeter aerial image segmentation. ISPRS Journal of Photogrammetry and Remote Sensing 156 (2019), 1 – 13. https://doi.org/10.1016/j.isprsjprs.2019.07.007Google ScholarCross Ref
- Xiaomei Zhang, Yingying Chen, Bingke Zhu, Jinqiao Wang, Ming Tang, and Hanqing Lu. 2018. Tree Hierarchical CNNs for Object Parsing. In Proceedings - International Conference on Image Processing, ICIP. IEEE, Athens, 1588–1592. https://doi.org/10.1109/ICIP.2018.8451301Google ScholarCross Ref
Recommendations
Intrusion Detection System for NSL-KDD Dataset Using Convolutional Neural Networks
CSAI '18: Proceedings of the 2018 2nd International Conference on Computer Science and Artificial IntelligenceWith the increment of cyber traffic, there is a growing demand for cyber security. How to accurately detect cyber intrusions is the hotspot of recent research. Traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, ...
Network Intrusion Detection: Automated and Manual Methods Prone to Attack and Evasion
In this article, the authors describe common intrusion detection techniques, NIDS evasion methods, and how NIDSs detect intrusions. Additionally, we introduce new evasion methods, present test results for confirming attack outcomes based on server ...
Rule generalisation in intrusion detection systems using SNORT
Intrusion Detection Systems (IDSs) provide an important layer of security for computer systems and networks. An IDS's responsibility is to detect suspicious or unacceptable system and network activity and to alert a systems administrator to this ...
Comments