Deep Learning Approach Combining Sparse Autoencoder With SVM for Network Intrusion Detection

Network intrusion detection systems (NIDSs) provide a better solution to network security than other traditional network defense technologies, such as firewall systems. The success of NIDS is highly dependent on the performance of the algorithms and improvement methods used to increase the classification accuracy and decrease the training and testing times of the algorithms. We propose an effective deep learning approach, self-taught learning (STL)-IDS, based on the STL framework. The proposed approach is used for feature learning and dimensionality reduction. It reduces training and testing time considerably and effectively improves the prediction accuracy of support vector machines (SVM) with regard to attacks. The proposed model is built using the sparse autoencoder mechanism, which is an effective learning algorithm for reconstructing a new feature representation in an unsupervised manner. After the pre-training stage, the new features are fed into the SVM algorithm to improve its detection capability for intrusion and classification accuracy. Moreover, the efficiency of the approach in binary and multiclass classification is studied and compared with that of shallow classification methods, such as J48, naive Bayesian, random forest, and SVM. Results show that our approach has accelerated SVM training and testing times and performed better than most of the previous approaches in terms of performance metrics in binary and multiclass classification. The proposed STL-IDS approach improves network intrusion detection and provides a new research method for intrusion detection.

[1]  Andrew H. Sung,et al.  Intrusion detection using neural networks and support vector machines , 2002, Proceedings of the 2002 International Joint Conference on Neural Networks. IJCNN'02 (Cat. No.02CH37290).

[2]  Mahmood Yousefi-Azar,et al.  Autoencoder-based feature learning for cyber security applications , 2017, 2017 International Joint Conference on Neural Networks (IJCNN).

[3]  Natalija Vlajic,et al.  Robustness of deep autoencoder in intrusion detection under adversarial contamination , 2018, HotSoS.

[4]  Heba F. Eid,et al.  Hybrid Intelligent Intrusion Detection Scheme , 2011 .

[5]  Tadahiro Taniguchi,et al.  Visualization of driving behavior using deep sparse autoencoder , 2014, 2014 IEEE Intelligent Vehicles Symposium Proceedings.

[6]  Erik Marchi,et al.  Sparse Autoencoder-Based Feature Transfer Learning for Speech Emotion Recognition , 2013, 2013 Humaine Association Conference on Affective Computing and Intelligent Interaction.

[7]  Ling Gao,et al.  An Intrusion Detection Model Based on Deep Belief Networks , 2014 .

[8]  David Perez Abreu,et al.  Intrusion detection in computer networks using hybrid machine learning techniques , 2017, 2017 XLIII Latin American Computer Conference (CLEI).

[9]  Honglak Lee,et al.  An Analysis of Single-Layer Networks in Unsupervised Feature Learning , 2011, AISTATS.

[10]  Carla Purdy,et al.  Toward an Online Anomaly Intrusion Detection System Based on Deep Learning , 2016, 2016 15th IEEE International Conference on Machine Learning and Applications (ICMLA).

[11]  Julio Ortega Lopera,et al.  PCA filtering and probabilistic SOM for network intrusion detection , 2015, Neurocomputing.

[12]  Neelam Sharma,et al.  INTRUSION DETECTION USING NAIVE BAYES CLASSIFIER WITH FEATURE REDUCTION , 2012 .

[13]  Xue Wang,et al.  Comparison deep learning method to traditional methods using for network intrusion detection , 2016, 2016 8th IEEE International Conference on Communication Software and Networks (ICCSN).

[14]  Qi Shi,et al.  A Deep Learning Approach to Network Intrusion Detection , 2018, IEEE Transactions on Emerging Topics in Computational Intelligence.

[15]  Wathiq Laftah Al-Yaseen,et al.  Multi-level hybrid support vector machine and extreme learning machine based on modified K-means for intrusion detection system , 2017, Expert Syst. Appl..

[16]  Long-Sheng Chen,et al.  Feature Extraction based Approaches for Improving the Performance of Intrusion Detection Systems , 2022 .

[17]  Tahir Mehmood,et al.  SVM for network anomaly detection using ACO feature subset , 2015, 2015 International Symposium on Mathematical Sciences and Computing Research (iSMSC).

[18]  Hugo Larochelle,et al.  Efficient Learning of Deep Boltzmann Machines , 2010, AISTATS.

[19]  Naveen K. Chilamkurti,et al.  Distributed attack detection scheme using deep learning approach for Internet of Things , 2017, Future Gener. Comput. Syst..

[20]  Subhransu Maji,et al.  Classification using intersection kernel support vector machines is efficient , 2008, 2008 IEEE Conference on Computer Vision and Pattern Recognition.

[21]  Yiqiang Sheng,et al.  HAST-IDS: Learning Hierarchical Spatial-Temporal Features Using Deep Neural Networks to Improve Intrusion Detection , 2018, IEEE Access.

[22]  Sanghyun Seo,et al.  Improvement of Network Intrusion Detection Accuracy by Using Restricted Boltzmann Machine , 2016, 2016 8th International Conference on Computational Intelligence and Communication Networks (CICN).

[23]  Rajat Raina,et al.  Self-taught learning: transfer learning from unlabeled data , 2007, ICML '07.

[24]  V. Rao Vemuri,et al.  Use of K-Nearest Neighbor classifier for intrusion detection , 2002, Comput. Secur..

[25]  C. V. Jawahar,et al.  Efficient implementation of SVM for large class problems , 2008, 2008 19th International Conference on Pattern Recognition.

[26]  Mohiuddin Ahmed,et al.  A survey of network anomaly detection techniques , 2016, J. Netw. Comput. Appl..

[27]  Manojit Chattopadhyay,et al.  An Efficient Approach to Develop an Intrusion Detection System Based on Multi Layer Backpropagation Neural Network Algorithm: IDS using BPNN Algorithm , 2015, CPR.

[28]  Wei-Yang Lin,et al.  Intrusion detection by machine learning: A review , 2009, Expert Syst. Appl..

[29]  Yuefei Zhu,et al.  A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks , 2017, IEEE Access.

[30]  Fahimeh Farahnakian,et al.  A deep auto-encoder based approach for intrusion detection system , 2018, 2018 20th International Conference on Advanced Communication Technology (ICACT).

[31]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[32]  Mansoor Alam,et al.  A Deep Learning Approach for Network Intrusion Detection System , 2016, EAI Endorsed Trans. Security Safety.

[33]  Jie Gu,et al.  An effective intrusion detection framework based on SVM with feature augmentation , 2017, Knowl. Based Syst..

[34]  Yuancheng Li,et al.  A Hybrid Malicious Code Detection Method based on Deep Learning , 2015 .

[35]  Md Zahangir Alom,et al.  Intrusion detection using deep belief networks , 2015, 2015 National Aerospace and Electronics Conference (NAECON).

[36]  Yu-Lin He,et al.  Fuzziness based semi-supervised learning approach for intrusion detection system , 2017, Inf. Sci..

[37]  Nerijus Paulauskas,et al.  Analysis of data pre-processing influence on intrusion detection using NSL-KDD dataset , 2017, 2017 Open Conference of Electrical, Electronic and Information Sciences (eStream).

[38]  Zhengxin Chen,et al.  Multiple criteria mathematical programming for multi-class classification and application in network intrusion detection , 2009, Inf. Sci..

[39]  Shahram Sarkani,et al.  A network intrusion detection system based on a Hidden Naïve Bayes multiclass classifier , 2012, Expert Syst. Appl..

[40]  Gisung Kim,et al.  A novel hybrid intrusion detection method integrating anomaly detection with misuse detection , 2014, Expert Syst. Appl..