Network anomaly detection with deep learning

With the development of new technologies, security breaches have become one of the major concerns in the cyber world. To provide safety, antivirus software, firewalls, intrusion detection/prevention systems and many other tools are used together. However, these tools provide protection only within the boundaries of their pre-defined rules and databases, so they are only as secure as their most recently updated profiles. While they exhibit high performance against conventional attacks, the protected systems remain weak against new and complex types of attacks. To prevent new kinds of attacks, for example zero-day attacks, it is necessary to constantly monitor the flow of events and make inferences to detect abnormal behavior. To provide robust solutions here, deep learning models that are capable of making high-performance inferences from the natural flow of data are frequently used. In this study, the performance of a deep learning model, including automatic feature extraction and autoencoders, is measured against normal and anomalous behavior. For the sake of comparability of the measurements, the NSL-KDD dataset is used, and the results are improved compared to the literature.
