ABSTRACT
The number of network attacks has also increased rapidly. Therefore, it is necessary to conduct in-depth research on network intrusion detection technologies. Compared with traditional intrusion detection systems, AI-based intrusion detection systems can better detect network traffic, with lower false positive and false negative rates. This paper first expanded the CIC-IDS-2017 dataset by adding two new attack forms. Second, the SMOTE algorithm was used to expand the minority samples in the dataset. Features were then selected with a sequential forward selection algorithm based on decision trees, improving the algorithm's efficiency without significantly affecting its accuracy. Finally, a multi-task network intrusion detection model was constructed by integrating the prediction results of the recurrent neural network model and the one-class support vector machine model to determine the final network traffic type. The system has been quite successful in achieving all of its initial goals at this stage of research. The system achieved a detection accuracy of over 90% for network traffic and can predict unknown types of attack traffic. The real-time detection function allows the system to be applied to practical network traffic detection on a daily basis.
Index Terms
- Research on Network Intrusion Detection Techniques Based on Feature Selection Model and Recurrent Neural Network