Improving Intrusion Detection System using Artificial Neural Network

Currently, network communication is more suscep-tible to different forms of attacks due to its expanded usage, accessibility, and complexity in most areas, consequently imposing greater security risks. One method to halt attacks is to identify different forms of irregularities in the data transmitted and processed during communication. Detection of anomalies is a vital process to secure a system. To this end, machine learning plays a key role in identifying abnormalities and intrusion in communica-tion over a network. The term regularization is one of the major aspects of training machine learning models, in which, it plays a primary role in several successful Artificial neural network models, by inducing regularization in the model training. Then, this technique is integrated with an Artificial Neural Network (ANN) for classifying and detecting irregularities in network communication efficiency. The purpose of regularization is to discourage learning a more flexible or complex model. Thus, the machine learning model generalizes enough to perform accurately on unseen data. For training and testing purposes, NSL-KDD, CIDDS-001 (External and Internal Server Data), and UNSW-NB15 datasets were utilized. Through extensive experiments, the proposed regularizer reaches higher True Positive Rate (TPR) and precision compared L1 and L2 norm regularization algorithms. Thus, it is concluded that the proposed regularizer demonstrates a strong intrusion detection ability.

[1]  Dewan Md. Farid,et al.  Adaptive Intrusion Detection based on Boosting and Naïve Bayesian Classifier , 2011 .

[2]  Ming-Yang Su,et al.  Real-time anomaly detection systems for Denial-of-Service attacks by weighted k-nearest-neighbor classifiers , 2011, Expert Syst. Appl..

[3]  Virender Ranga,et al.  On evaluation of Network Intrusion Detection Systems: Statistical analysis of CIDDS-001 dataset using Machine Learning Techniques , 2019 .

[4]  George C. Runger,et al.  Feature selection via regularized trees , 2012, The 2012 International Joint Conference on Neural Networks (IJCNN).

[5]  Khalid Chougdali,et al.  Intrusion detection system using PCA and Fuzzy PCA techniques , 2016, 2016 International Conference on Advanced Communication Systems and Information Security (ACOSIS).

[6]  XiangCheng,et al.  Design of multiple-level hybrid classifier for intrusion detection system using Bayesian clustering and decision trees , 2008 .

[7]  Sameer Singh,et al.  Novelty detection: a review - part 1: statistical approaches , 2003, Signal Process..

[8]  Abdolreza Mirzaei,et al.  Intrusion detection using fuzzy association rules , 2009, Appl. Soft Comput..

[9]  Jill Slay,et al.  The Significant Features of the UNSW-NB15 and the KDD99 Data Sets for Network Intrusion Detection Systems , 2015, 2015 4th International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS).

[10]  So Young Sohn,et al.  Random effects logistic regression model for anomaly detection , 2007, Expert Syst. Appl..

[11]  Longbing Cao,et al.  Novel Intrusion Detection using Probabilistic Neural Network and Adaptive Boosting , 2009, ArXiv.

[12]  Hamid Mohamadi,et al.  Design and analysis of genetic fuzzy systems for intrusion detection in computer networks , 2011, Expert Syst. Appl..

[13]  J. Sládek,et al.  Regularization Techniques Applied to Boundary Element Methods , 1994 .

[14]  Lorien Y. Pratt,et al.  Comparing Biases for Minimal Network Construction with Back-Propagation , 1988, NIPS.

[15]  Qi Shi,et al.  A Deep Learning Approach to Network Intrusion Detection , 2018, IEEE Transactions on Emerging Topics in Computational Intelligence.

[16]  Jeff Schneider,et al.  Detecting patterns of anomalies , 2009 .

[17]  Sameer Singh,et al.  Novelty detection: a review - part 2: : neural network based approaches , 2003, Signal Process..

[18]  Jason Weston,et al.  A user's guide to support vector machines. , 2010, Methods in molecular biology.

[19]  Jian Ma,et al.  A new approach to intrusion detection using Artificial Neural Networks and fuzzy clustering , 2010, Expert Syst. Appl..

[20]  Adiwijaya,et al.  Comparative study of conjugate gradient to optimize learning process of neural network for Intrusion Detection System (IDS) , 2017, 2017 3rd International Conference on Science in Information Technology (ICSITech).

[21]  Bart Selman,et al.  A general stochastic approach to solving problems with hard and soft constraints , 1996, Satisfiability Problem: Theory and Applications.

[22]  Fabio Roli,et al.  Intrusion detection in computer networks by a modular ensemble of one-class classifiers , 2008, Inf. Fusion.

[23]  Nitish Srivastava,et al.  Dropout: a simple way to prevent neural networks from overfitting , 2014, J. Mach. Learn. Res..

[24]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[25]  Leo Breiman,et al.  Random Forests , 2001, Machine Learning.

[26]  Yuefei Zhu,et al.  A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks , 2017, IEEE Access.

[27]  Wei Hu,et al.  AdaBoost-Based Algorithm for Network Intrusion Detection , 2008, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[28]  A. Ng Feature selection, L1 vs. L2 regularization, and rotational invariance , 2004, Twenty-first international conference on Machine learning - ICML '04.

[29]  Bayu Adhi Tama,et al.  TSE-IDS: A Two-Stage Classifier Ensemble for Intelligent Anomaly-Based Intrusion Detection System , 2019, IEEE Access.

[30]  Ester Yen,et al.  Data mining-based intrusion detectors , 2009, Expert Syst. Appl..

[31]  Hussein A. Abbass,et al.  An adaptive genetic-based signature learning system for intrusion detection , 2009, Expert Syst. Appl..

[32]  Nitish Srivastava,et al.  Improving neural networks by preventing co-adaptation of feature detectors , 2012, ArXiv.

[33]  Bayu Adhi Tama,et al.  An in-depth experimental study of anomaly detection using gradient boosted machine , 2017, Neural Computing and Applications.

[34]  Chih-Fong Tsai,et al.  CANN: An intrusion detection system based on combining cluster centers and nearest neighbors , 2015, Knowl. Based Syst..

[35]  Alyani Ismail,et al.  A New Intrusion Detection System Based on Fast Learning Network and Particle Swarm Optimization , 2018, IEEE Access.

[36]  Zhi Jin,et al.  A Comparative Study on Regularization Strategies for Embedding-based Neural Networks , 2015, EMNLP.

[37]  Virender Ranga,et al.  Statistical analysis of CIDDS-001 dataset for Network Intrusion Detection Systems using Distance-based Machine Learning , 2018 .

[38]  Miad Faezipour,et al.  Deep and Machine Learning Approaches for Anomaly-Based Intrusion Detection of Imbalanced Network Traffic , 2019, IEEE Sensors Letters.

[39]  Monica Mehrotra,et al.  Design Network Intrusion Detection System using hybrid Fuzzy-Neural Network , 2010 .

[40]  Pushparaja Murugan,et al.  Regularization and Optimization strategies in Deep Convolutional Neural Network , 2017, ArXiv.

[41]  Howon Kim,et al.  Long Short Term Memory Recurrent Neural Network Classifier for Intrusion Detection , 2016, 2016 International Conference on Platform Technology and Service (PlatCon).

[42]  Yann LeCun,et al.  Tangent Prop - A Formalism for Specifying Selected Invariances in an Adaptive Network , 1991, NIPS.

[43]  John DeNero,et al.  L1 and L2 regularization for multiclass hinge loss models , 2011, MLSLP.

[44]  Andreas Hotho,et al.  Flow-based benchmark data sets for intrusion detection , 2017 .