Network anomaly detection using channel boosted and residual learning based deep convolutional neural network

Abstract Anomaly detection in a network is one of the prime concerns for network security. In this work, a novel Channel Boosted and Residual learning based deep Convolutional Neural Network (CBR-CNN) architecture is proposed for the detection of network intrusions. The proposed methodology is based on inherent nature of the anomaly detection in which one class classification approach is used to detect network intrusion. This is accomplished by the modelling of normal network traffic distribution using Stacked Autoencoders (SAE). Using unsupervised training, SAE transforms the original feature space into a reconstructed feature space, which is further transformed via the proposed concept of channel boosting. Additionally, in order to increase the representational power of the neural network and the diversity in features representation, a multipath residual learning based CNN architecture is proposed to learn features at different levels of granularity. Performance of the proposed CBR-CNN technique is evaluated on NSL-KDD dataset. Our proposed method showed significant improvement over the existing techniques, achieving accuracy, AU-ROC, and AU-PR of 89.41%, 0.9473, and 0.9443 on Test + and 80.36%, 0.7348 and 0.9034 on Test−21 dataset, respectively.

[1]  Ashraf Darwish,et al.  Principle components analysis and Support Vector Machine based Intrusion Detection System , 2010, 2010 10th International Conference on Intelligent Systems Design and Applications.

[2]  Lixiang Li,et al.  Nearest neighbors based density peaks approach to intrusion detection , 2018 .

[3]  Gregory J. Conti,et al.  Toward Instrumenting Network Warfare Competitions to Generate Labeled Datasets , 2009, CSET.

[4]  Olatz Arbelaitz,et al.  Service-independent payload analysis to improve intrusion detection in network traffic , 2008, AusDM.

[5]  Asifullah Khan,et al.  A New Channel Boosted Convolution Neural Network using Transfer Learning , 2018, ArXiv.

[6]  Jürgen Schmidhuber,et al.  Highway Networks , 2015, ArXiv.

[7]  Manas Ranjan Patra,et al.  Discriminative multinomial Naïve Bayes for network intrusion detection , 2010, 2010 Sixth International Conference on Information Assurance and Security.

[8]  Muhammad Hanif Durad,et al.  Intrusion detection using deep sparse auto-encoder and self-taught learning , 2019, Neural Computing and Applications.

[9]  P. Natesan,et al.  Cascaded classifier approach based on Adaboost to increase detection rate of rare network attack categories , 2012, 2012 International Conference on Recent Trends in Information Technology.

[10]  Monark Bag,et al.  Cascading of C4.5 Decision Tree and Support Vector Machine for Rule Based Intrusion Detection System , 2012 .

[11]  Dumitru Erhan,et al.  Going deeper with convolutions , 2014, 2015 IEEE Conference on Computer Vision and Pattern Recognition (CVPR).

[12]  Asifullah Khan,et al.  A Recent Survey on the Applications of Genetic Programming in Image Processing , 2019, ArXiv.

[13]  Mamun Bin Ibne Reaz,et al.  A novel weighted support vector machines multiclass classifier based on differential evolution for intrusion detection systems , 2017, Inf. Sci..

[14]  V. Barnett,et al.  Applied Linear Statistical Models , 1975 .

[15]  Hany M. Harb,et al.  Adaboost Ensemble with Genetic Algorithm Post Optimization for Intrusion Detection , 2011 .

[16]  Miguel Cazorla,et al.  Semi-supervised 3D object recognition through CNN labeling , 2018, Appl. Soft Comput..

[17]  Neelam Sharma,et al.  INTRUSION DETECTION USING NAIVE BAYES CLASSIFIER WITH FEATURE REDUCTION , 2012 .

[18]  Mansour Sheikhan,et al.  Intrusion detection using reduced-size RNN based on feature grouping , 2010, Neural Computing and Applications.

[19]  Siyang Zhang,et al.  A novel hybrid KPCA and SVM with GA model for intrusion detection , 2014, Appl. Soft Comput..

[20]  Yoshua. Bengio,et al.  Learning Deep Architectures for AI , 2007, Found. Trends Mach. Learn..

[21]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[22]  José García Rodríguez,et al.  A survey on deep learning techniques for image and video semantic segmentation , 2018, Appl. Soft Comput..

[23]  Vasilios Katos,et al.  Network intrusion detection: Evaluating cluster, discriminant, and logit analysis , 2007, Inf. Sci..

[24]  Jiankun Hu,et al.  Generation of a new IDS test dataset: Time to retire the KDD collection , 2013, 2013 IEEE Wireless Communications and Networking Conference (WCNC).

[25]  Shahram Jamali,et al.  An intelligent intrusion detection system by using hierarchically structured learning automata , 2015, Neural Computing and Applications.

[26]  Asifullah Khan,et al.  A survey of the recent architectures of deep convolutional neural networks , 2019, Artificial Intelligence Review.

[27]  Yu-Lin He,et al.  Fuzziness based semi-supervised learning approach for intrusion detection system , 2017, Inf. Sci..

[28]  Andrey Ignatov,et al.  Real-time human activity recognition from accelerometer data using Convolutional Neural Networks , 2018, Appl. Soft Comput..

[29]  Reyadh Shaker Naoum,et al.  An Enhanced Resilient Backpropagation Artificial Neural Network for Intrusion Detection System , 2012 .

[30]  Philip Hingston,et al.  Evolving statistical rulesets for network intrusion detection , 2015, Appl. Soft Comput..