Network Malicious Behavior Detection Using Bidirectional LSTM

With the rapid development of the Internet, the methods of cyber attack have become more complex and the damage to the world has become increasingly greater. Therefore, timely detection of malicious behavior on the Internet has become an important security issue today. This paper proposes an intrusion detection system based on deep learning, applies bidirectional long short term memory architecture to the system, and uses the UNSW-NB15 data set for training and testing. Experimental tests show that the intrusion detection system can effectively detect the known or unknown malicious behavior of the network under the current network environment.

[1]  Tsung-Yi Chen,et al.  A network behavior evaluation method for improving interactive security in virtual network worlds , 2016, Inf. Secur. J. A Glob. Perspect..

[2]  Ralf C. Staudemeyer,et al.  Applying long short-term memory recurrent neural networks to intrusion detection , 2015 .

[3]  Jürgen Schmidhuber,et al.  Long Short-Term Memory , 1997, Neural Computation.

[4]  Jürgen Schmidhuber,et al.  Learning to Forget: Continual Prediction with LSTM , 2000, Neural Computation.

[5]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1987, IEEE Transactions on Software Engineering.

[6]  Nour Moustafa,et al.  UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set) , 2015, 2015 Military Communications and Information Systems Conference (MilCIS).

[7]  Jill Slay,et al.  The evaluation of Network Anomaly Detection Systems: Statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set , 2016, Inf. Secur. J. A Glob. Perspect..

[8]  Howon Kim,et al.  Long Short Term Memory Recurrent Neural Network Classifier for Intrusion Detection , 2016, 2016 International Conference on Platform Technology and Service (PlatCon).

[9]  Salvatore J. Stolfo,et al.  A data mining framework for building intrusion detection models , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[10]  Jürgen Schmidhuber,et al.  Framewise phoneme classification with bidirectional LSTM and other neural network architectures , 2005, Neural Networks.

[11]  Risto Miikkulainen,et al.  Intrusion Detection with Neural Networks , 1997, NIPS.