A network threat analysis method combined with kernel PCA and LSTM-RNN

As network threats evolve, identifying attacks from both external and internal sources is becoming increasingly difficult. Several machine learning algorithms have been used to detect both known and unknown malicious attacks. However, these algorithms still have limitations, such as high false positive and false alarm rates. To overcome this challenge, we propose a threat analysis method that combines kernel principal component analysis (PCA) with a long short-term memory recurrent neural network (LSTM-RNN). To achieve a highly accurate detection rate, data preprocessing, feature extraction, and attack detection are seamlessly integrated into an end-to-end detection method. To assess the method, the well-known NSL-KDD dataset was used. Experimental results show that the proposed threat analysis method greatly outperforms several attack detection methods that use SVM, neural network, or Bayesian methods.
