A real-time and ubiquitous network attack detection based on deep belief network and support vector machine

In recent years, network traffic data have become larger and more complex, leading to higher possibilities of network intrusion. Traditional intrusion detection methods face difficulty in processing high-speed network data and cannot detect currently unknown attacks. Therefore, this paper proposes a network attack detection method combining flow calculation and deep learning. The method consists of two parts: a real-time detection algorithm based on flow calculations and frequent patterns, and a classification algorithm based on the deep belief network and support vector machine (DBN-SVM). Sliding window (SW) stream data processing enables real-time detection, and the DBN-SVM algorithm can improve classification accuracy. Finally, to verify the proposed method, a system is implemented. Based on the CICIDS2017 open source data set, a series of comparative experiments are conducted. The method's real-time detection efficiency is higher than that of traditional machine learning algorithms. The attack classification accuracy is 0.7 percentage points higher than that of a DBN, which is 2 percentage points higher than that of the integrated algorithm boosting and bagging methods. Hence, it is suitable for the real-time detection of high-speed network intrusions.
