Attack classification of an intrusion detection system using deep learning and hyperparameter optimization

Abstract A network intrusion detection system (NIDS) is a solution that mitigates the threat of attacks on a network. The success of a NIDS depends on the success of its algorithm and the performance of its method in recognizing attacks. We propose a deep learning intrusion detection system (IDS) using a pretraining approach with deep autoencoder (PTDAE) combined with a deep neural network (DNN). Models were developed using hyperparameter optimization procedures. This research provides an alternative solution to deep learning structure models through an automatic hyperparameter optimization process that combines grid search and random search techniques. The automated hyperparameter optimization process helps determine the value of hyperparameters and the best categorical hyperparameter configuration to improve detection performance. The proposed model was tested on the NSL-KDD, and CSE-CIC-ID2018 datasets. In the pretraining phase, we present the results of applying our technique to three feature extraction methods: deep autoencoder (DAE), autoencoder (AE), and stack autoencoder (SAE). The best results are obtained for the DAE method. These performance results also successfully outperform previous approaches in terms of performance metrics in multiclass classification.

[1]  Mianxiong Dong,et al.  Learning IoT in Edge: Deep Learning for the Internet of Things with Edge Computing , 2018, IEEE Network.

[2]  Jaime Lloret,et al.  Conditional Variational Autoencoder for Prediction and Feature Recovery Applied to Intrusion Detection in IoT , 2017, Sensors.

[3]  Katsunari Shibata,et al.  Effect of number of hidden neurons on learning in large-scale layered neural networks , 2009, 2009 ICCAS-SICE.

[4]  Jong Hyuk Park,et al.  An effective handling of secure data stream in IoT , 2017, Appl. Soft Comput..

[5]  Zhi Xue,et al.  Character-Level Intrusion Detection Based On Convolutional Neural Networks , 2018, 2018 International Joint Conference on Neural Networks (IJCNN).

[6]  Lei Song,et al.  A Two Stage Intrusion Detection System for Industrial Control Networks Based on Ethernet/IP , 2019 .

[7]  Jiajun Bu,et al.  Pre-training the deep generative models with adaptive hyperparameter optimization , 2017, Neurocomputing.

[8]  Jiankun Hu,et al.  Windows Based Data Sets for Evaluation of Robustness of Host Based Intrusion Detection Systems (IDS) to Zero-Day and Stealth Attacks , 2016, Future Internet.

[9]  Aaron Klein,et al.  Hyperparameter Optimization , 2017, Encyclopedia of Machine Learning and Data Mining.

[10]  Ahmed Dawoud,et al.  Deep learning and software-defined networks: Towards secure IoT architecture , 2018, Internet Things.

[11]  Yoshua Bengio,et al.  Random Search for Hyper-Parameter Optimization , 2012, J. Mach. Learn. Res..

[12]  Mahmood Yousefi-Azar,et al.  Autoencoder-based feature learning for cyber security applications , 2017, 2017 International Joint Conference on Neural Networks (IJCNN).

[13]  Yang Yu,et al.  Session-Based Network Intrusion Detection Using a Deep Learning Architecture , 2017, MDAI.

[14]  Demetris Stathakis,et al.  How many hidden layers and nodes? , 2009 .

[15]  Ying Zhang,et al.  Intrusion Detection for IoT Based on Improved Genetic Algorithm and Deep Belief Network , 2019, IEEE Access.

[16]  M. A. Novotny,et al.  An evaluation of the performance of Restricted Boltzmann Machines as a model for anomaly network intrusion detection , 2018, Comput. Networks.

[17]  M. Mostafizur Rahman,et al.  Addressing the Class Imbalance Problem in Medical Datasets , 2013 .

[18]  Fernando De la Torre,et al.  Facing Imbalanced Data--Recommendations for the Use of Performance Metrics , 2013, 2013 Humaine Association Conference on Affective Computing and Intelligent Interaction.

[19]  Yoshua Bengio,et al.  Practical Recommendations for Gradient-Based Training of Deep Architectures , 2012, Neural Networks: Tricks of the Trade.

[20]  V. Kanimozhi,et al.  Artificial Intelligence based Network Intrusion Detection with Hyper-Parameter Optimization Tuning on the Realistic Cyber Dataset CSE-CIC-IDS2018 using Cloud Computing , 2019, 2019 International Conference on Communication and Signal Processing (ICCSP).

[21]  Kejiang Ye,et al.  Network Anomaly Detection and Identification Based on Deep Learning Methods , 2018, CLOUD.

[22]  Taghi M. Khoshgoftaar,et al.  Deep learning applications and challenges in big data analytics , 2015, Journal of Big Data.

[23]  Jin Cao,et al.  An Automata Based Intrusion Detection Method for Internet of Things , 2017, Mob. Inf. Syst..

[24]  Elsadek Hussien Ibrahim,et al.  Improving Error Back Propagation Algorithm by using Cross Entropy Error Function and Adaptive Learning Rate , 2017 .

[25]  K. P. Soman,et al.  Deep Learning Approach for Intelligent Intrusion Detection System , 2019, IEEE Access.

[26]  Vrizlynn L. L. Thing,et al.  IEEE 802.11 Network Anomaly Detection and Attack Classification: A Deep Learning Approach , 2017, 2017 IEEE Wireless Communications and Networking Conference (WCNC).

[27]  Xue Wang,et al.  Comparison deep learning method to traditional methods using for network intrusion detection , 2016, 2016 8th IEEE International Conference on Communication Software and Networks (ICCSN).

[28]  Ejaz Ahmed,et al.  Real-time big data processing for anomaly detection: A Survey , 2019, Int. J. Inf. Manag..

[29]  Ming Fan,et al.  Class Imbalance Oriented Logistic Regression , 2014, 2014 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery.

[30]  Aboubaker Lasebae,et al.  Intrusion Detection and Classification with Autoencoded Deep Neural Network , 2018, SecITC.

[31]  Zheng Wang,et al.  Deep Learning-Based Intrusion Detection With Adversaries , 2018, IEEE Access.

[32]  Miriam A. M. Capretz,et al.  Machine Learning With Big Data: Challenges and Approaches , 2017, IEEE Access.

[33]  Deris Stiawan,et al.  Automatic Features Extraction Using Autoencoder in Intrusion Detection System , 2018, 2018 International Conference on Electrical Engineering and Computer Science (ICECOS).

[34]  Guigang Zhang,et al.  Deep Learning , 2016, Int. J. Semantic Comput..

[35]  Kejiang Ye,et al.  Dynamic Network Anomaly Detection System by Using Deep Learning Techniques , 2019, CLOUD.

[36]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[37]  Jaime Lloret,et al.  Network Traffic Classifier With Convolutional and Recurrent Neural Networks for Internet of Things , 2017, IEEE Access.

[38]  Je-Won Kang,et al.  Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security , 2016, PloS one.

[39]  Christophe G. Giraud-Carrier,et al.  Informing the Use of Hyperparameter Optimization Through Metalearning , 2017, 2017 IEEE International Conference on Data Mining (ICDM).

[40]  Youngjun Yoo,et al.  Hyperparameter optimization of deep neural network using univariate dynamic encoding algorithm for searches , 2019, Knowl. Based Syst..

[41]  Ali A. Ghorbani,et al.  Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization , 2018, ICISSP.

[42]  Daniele Miorandi,et al.  REATO: REActing TO Denial of Service attacks in the Internet of Things , 2018, Comput. Networks.

[43]  Nour Moustafa,et al.  Identification of malicious activities in industrial internet of things based on deep learning models , 2018, J. Inf. Secur. Appl..

[44]  Kedar Potdar,et al.  A Comparative Study of Categorical Variable Encoding Techniques for Neural Network Classifiers , 2017 .

[45]  Qi Shi,et al.  A Deep Learning Approach to Network Intrusion Detection , 2018, IEEE Transactions on Emerging Topics in Computational Intelligence.

[46]  Mohsen Guizani,et al.  Deep Learning for IoT Big Data and Streaming Analytics: A Survey , 2017, IEEE Communications Surveys & Tutorials.

[47]  Mostafa Ezziyyani,et al.  Multilayered Echo-State Machine: A Novel Architecture for Efficient Intrusion Detection , 2018, IEEE Access.

[48]  Chunhua Wang,et al.  Machine Learning and Deep Learning Methods for Cybersecurity , 2018, IEEE Access.

[49]  Jian Sun,et al.  Delving Deep into Rectifiers: Surpassing Human-Level Performance on ImageNet Classification , 2015, 2015 IEEE International Conference on Computer Vision (ICCV).

[50]  Kalamullah Ramli,et al.  Study on implementation of machine learning methods combination for improving attacks detection accuracy on Intrusion Detection System (IDS) , 2015, 2015 International Conference on Quality in Research (QiR).

[51]  Deris Stiawan,et al.  Investigating Brute Force Attack Patterns in IoT Network , 2019, J. Electr. Comput. Eng..

[52]  Yu Lasheng,et al.  Deep Learning Approach Combining Sparse Autoencoder With SVM for Network Intrusion Detection , 2018, IEEE Access.

[53]  Jiankun Hu,et al.  A holistic review of Network Anomaly Detection Systems: A comprehensive survey , 2019, J. Netw. Comput. Appl..

[54]  Geoffrey E. Hinton,et al.  Deep Learning , 2015, Nature.

[55]  Alicia Troncoso Lora,et al.  Random Hyper-parameter Search-Based Deep Neural Network for Power Consumption Forecasting , 2019, IWANN.

[56]  Guodong Han,et al.  Effective Feature Extraction via Stacked Sparse Autoencoder to Improve Intrusion Detection System , 2018, IEEE Access.

[57]  Yuefei Zhu,et al.  A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks , 2017, IEEE Access.

[58]  Aaron Klein,et al.  Towards Automatically-Tuned Deep Neural Networks , 2019, Automated Machine Learning.

[59]  Gulshan Kumar,et al.  Evaluation Metrics for Intrusion Detection Systems - A Study , 2014 .

[60]  Vijay Varadharajan,et al.  A Detailed Investigation and Analysis of Using Machine Learning Techniques for Intrusion Detection , 2019, IEEE Communications Surveys & Tutorials.

[61]  Manuel López Martín,et al.  Application of deep reinforcement learning to intrusion detection for supervised problems , 2020, Expert Syst. Appl..

[62]  Daniel Díaz López,et al.  Shielding IoT against Cyber-Attacks: An Event-Based Approach Using SIEM , 2018, Wirel. Commun. Mob. Comput..

[63]  Yuanyuan Qiao,et al.  A Survey on Machine Learning-Based Mobile Big Data Analysis: Challenges and Applications , 2018, Wirel. Commun. Mob. Comput..

[64]  Christian Diedrich,et al.  Accelerated deep neural networks for enhanced Intrusion Detection System , 2016, 2016 IEEE 21st International Conference on Emerging Technologies and Factory Automation (ETFA).