Research on Intrusion Detection Based on Semantic Re-encoding and Multi-space Projection

In recent years, with the continuous popularization of the cyber-attacking technology, the network intrusion events tend to be frequent and concealed. The accuracy of the traditional rule-based intrusion detection system is affected. And the false alarm rate of machine learning-based intrusion detection system is high due to the lack of causal link analysis among sampled data and attack events. Aiming at the problem, this paper proposes an intelligent intrusion detection algorithm, named SRMPC, which based on semantic re-encoding and multi-space projection. The key idea of the SRMPC algorithm is that the semantics of the network traffic is differentiated, and the normal network traffic and the attack network traffic often have obvious differences in the narrative semantics. The SRMPC algorithm re-encodes the semantics of the network traffic, and uses the multi-space projection technology to make the re-encoded semantic space boundaries clearing, thus, effectively improving the detection accuracy and robustness of the algorithm. The SRMPC algorithm can get > 99% accuracy of general Web attack detection, and when identifying NSL-KDD data sets with CNN, an average performance improvement of 8% is achieved.

[1]  Yuefei Zhu,et al.  A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks , 2017, IEEE Access.

[2]  Chee Sun Liew,et al.  A Convolutional Neural Network for Network Intrusion Detection System , 2018 .

[3]  Jugal K. Kalita,et al.  Network Anomaly Detection: Methods, Systems and Tools , 2014, IEEE Communications Surveys & Tutorials.

[4]  Jenq-Shiou Leu,et al.  Using Long-Short-Term Memory Based Convolutional Neural Networks for Network Intrusion Detection , 2018, WICON.

[5]  Jiankun Hu,et al.  A novel statistical technique for intrusion detection systems , 2018, Future Gener. Comput. Syst..

[6]  Kehe Wu,et al.  A Novel Intrusion Detection Model for a Massive Network Using Convolutional Neural Networks , 2018, IEEE Access.

[7]  Yu Lasheng,et al.  Deep Learning Approach Combining Sparse Autoencoder With SVM for Network Intrusion Detection , 2018, IEEE Access.

[8]  Muhammad Munwar Iqbal,et al.  Enhanced Network Anomaly Detection Based on Deep Neural Networks , 2018, IEEE Access.

[9]  Anamika Yadav,et al.  Performance analysis of NSL-KDD dataset using ANN , 2015, 2015 International Conference on Signal Processing and Communication Engineering Systems.

[10]  Yang Yu,et al.  An Effective Two-Step Intrusion Detection Approach Based on Binary Classification and $k$ -NN , 2018, IEEE Access.

[11]  Jian Sun,et al.  Deep Residual Learning for Image Recognition , 2015, 2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR).

[12]  B PrabhuKavin,et al.  Data Mining Techniques for Providing Network Security through Intrusion Detection Systems: a Survey , 2018 .

[13]  Dong Hyun Jeong,et al.  A multi-level intrusion detection method for abnormal network behaviors , 2016, J. Netw. Comput. Appl..

[14]  Mamun Bin Ibne Reaz,et al.  A survey of intrusion detection systems based on ensemble and hybrid classifiers , 2017, Comput. Secur..

[15]  Roberto Blanco,et al.  Multiclass Network Attack Classifier Using CNN Tuned with Genetic Algorithms , 2018, 2018 28th International Symposium on Power and Timing Modeling, Optimization and Simulation (PATMOS).

[16]  Naveen K. Chilamkurti,et al.  Distributed attack detection scheme using deep learning approach for Internet of Things , 2017, Future Gener. Comput. Syst..

[17]  Pietro Sabatino,et al.  Ensemble based collaborative and distributed intrusion detection systems: A survey , 2016, J. Netw. Comput. Appl..

[18]  Jiankun Hu,et al.  A holistic review of Network Anomaly Detection Systems: A comprehensive survey , 2019, J. Netw. Comput. Appl..

[19]  Bruno Volckaert,et al.  Scheduling framework for distributed intrusion detection systems over heterogeneous network architectures , 2018, J. Netw. Comput. Appl..