A Simple Recurrent Unit Model Based Intrusion Detection System With DCGAN

Due to the complex and time-varying network environments, traditional methods are difficult to extract accurate features of intrusion behavior from the high-dimensional data samples and process the high-volume of these data efficiently. Even worse, the network intrusion samples are submerged into a large number of normal data packets, which leads to insufficient samples for model training; therefore it is accompanied by high false detection rates. To address the challenge of unbalanced positive and negative learning samples, we propose using deep convolutional generative adversarial networks (DCGAN), which allows features to be extracted directly from the rawdata, and then generates new training-sets by learning from the rawdata. Given the fact that the attack samples are usually intra-dependent time sequence data, we apply long short-term memory (LSTM) to automatically learn the features of network intrusion behaviors. However, it is hard to parallelize the learning/training of the LSTM network, since the LSTM algorithm depends on the result of the previous moment. To remove such dependency and enable intrusion detection in real time, we propose a simple recurrent unit based (SRU)-based model. The proposed model was verified by extensive experiments on the benchmark datasets KDD’99 and NSL-KDD, which effectively identifies normal and abnormal network activities. It achieves 99.73% accuracy on the KDD’99 dataset and 99.62% on the NSL-KDD dataset.

[1]  K. Muneeswaran,et al.  Firefly algorithm based feature selection for network intrusion detection , 2019, Comput. Secur..

[2]  Jürgen Schmidhuber,et al.  Learning to forget: continual prediction with LSTM , 1999 .

[3]  Kevin Jones,et al.  Early Stage Malware Prediction Using Recurrent Neural Networks , 2017, Comput. Secur..

[4]  Blase Ur,et al.  Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks , 2016, USENIX Annual Technical Conference.

[5]  Björn W. Schuller,et al.  Robust discriminative keyword spotting for emotionally colored spontaneous speech using bidirectional LSTM networks , 2009, 2009 IEEE International Conference on Acoustics, Speech and Signal Processing.

[6]  Jürgen Schmidhuber,et al.  A Clockwork RNN , 2014, ICML.

[7]  Ekaterina Vylomova,et al.  Depth-Gated LSTM , 2015, ArXiv.

[8]  Jinjun Chen,et al.  Detection of Malicious Code Variants Based on Deep Learning , 2018, IEEE Transactions on Industrial Informatics.

[9]  Claudia Eckert,et al.  Deep Learning for Classification of Malware System Call Sequences , 2016, Australasian Conference on Artificial Intelligence.

[10]  Geoffrey E. Hinton,et al.  Learning representations by back-propagation errors, nature , 1986 .

[11]  V. S. Shankar Sriram,et al.  An efficient intrusion detection system based on hypergraph - Genetic algorithm for parameter optimization and feature selection in support vector machine , 2017, Knowl. Based Syst..

[12]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[13]  Jürgen Schmidhuber,et al.  Long Short-Term Memory , 1997, Neural Computation.

[14]  Geoffrey E. Hinton,et al.  Learning representations by back-propagating errors , 1986, Nature.

[15]  Yoshua Bengio,et al.  Learning Phrase Representations using RNN Encoder–Decoder for Statistical Machine Translation , 2014, EMNLP.

[16]  Dawn Xiaodong Song,et al.  Recognizing Functions in Binaries with Neural Networks , 2015, USENIX Security Symposium.

[17]  Santosh Kumar Sahu,et al.  A detail analysis on intrusion detection datasets , 2014, 2014 IEEE International Advance Computing Conference (IACC).

[18]  Rishabh Singh,et al.  Learn&Fuzz: Machine learning for input fuzzing , 2017, 2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE).

[19]  James A. Reggia,et al.  Recurrent Neural Collective Classification , 2013, IEEE Transactions on Neural Networks and Learning Systems.

[20]  Wenyi Huang,et al.  MtNet: A Multi-Task Neural Network for Dynamic Malware Classification , 2016, DIMVA.

[21]  Soumith Chintala,et al.  Unsupervised Representation Learning with Deep Convolutional Generative Adversarial Networks , 2015, ICLR.

[22]  Fabio L. Traversa,et al.  Accelerating Deep Learning with Memcomputing , 2018, Neural Networks.

[23]  Yu Zhang,et al.  Training RNNs as Fast as CNNs , 2017, EMNLP 2018.

[24]  Jong Hyuk Park,et al.  OpCloudSec: Open cloud software defined wireless network security for the Internet of Things , 2018, Comput. Commun..

[25]  Shaohan Hu,et al.  Deep Learning for the Internet of Things , 2018, Computer.

[26]  Manoj Kumar Putchala Deep Learning Approach for Intrusion Detection System (IDS) in the Internet of Things (IoT) Network using Gated Recurrent Neural Networks (GRU) , 2017 .

[27]  Ali Gökhan Yavuz,et al.  Network Anomaly Detection with Stochastically Improved Autoencoder Based Models , 2017, 2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud).

[28]  Razvan Pascanu,et al.  Malware classification with recurrent networks , 2015, 2015 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP).

[29]  Vasilios Katos,et al.  Network intrusion detection: Evaluating cluster, discriminant, and logit analysis , 2007, Inf. Sci..

[30]  Ali Bou Nassif,et al.  Dimensionality reduction with IG-PCA and ensemble classifier for network intrusion detection , 2019, Comput. Networks.

[31]  Björn W. Schuller,et al.  Online Driver Distraction Detection Using Long Short-Term Memory , 2011, IEEE Transactions on Intelligent Transportation Systems.

[32]  Jongyoo Kim,et al.  Deep CNN-Based Blind Image Quality Predictor , 2019, IEEE Transactions on Neural Networks and Learning Systems.

[33]  Ramesh Raskar,et al.  Distributed learning of deep neural network over multiple agents , 2018, J. Netw. Comput. Appl..