Toward Developing Efficient Conv-AE-Based Intrusion Detection System Using Heterogeneous Dataset

Recently, owing to the rapid development and remarkable results of deep learning (DL) and machine learning (ML) approaches on several long-standing artificial intelligence (AI) tasks in various domains, there has been extreme interest in applying them to network security as well. In the current information and communication technology (ICT) era, the intrusion detection (ID) system has great potential to be the frontier of security against cyberattacks and plays a vital role in securing network infrastructure and resources. Conventional ID systems are not strong enough to detect advanced malicious threats. Heterogeneity is one of the important features of big data, so designing an efficient ID system using a heterogeneous dataset is a massive research problem. Several ID datasets are openly available for further research by the cybersecurity research community. However, no existing research has shown a detailed performance evaluation of several ML methods on various publicly available ID datasets. Because of the dynamic nature of malicious attacks and the continuously changing attack detection methods, ID datasets are publicly available and are updated systematically. In this research, robust classical ML classifiers based on Spark MLlib (machine learning library) for anomaly detection and state-of-the-art DL, such as the convolutional autoencoder (Conv-AE), for misuse attack detection are used to develop an efficient and intelligent ID system that detects and classifies unpredictable malicious attacks. To measure the effectiveness of the proposed ID system, we used several important performance metrics, such as false alarm rate (FAR), detection rate (DR), and accuracy, with experiments conducted on a publicly available dataset, specifically the contemporary heterogeneous CSE-CIC-IDS2018 dataset.
