Network Intrusion Detection Model Based on Improved BYOL Self-Supervised Learning

The combination of deep learning and intrusion detection has become a hot topic in today’s network security. In the face of massive, high-dimensional network traffic with uneven sample distribution, how to be able to accurately detect anomalous traffic is the primary task of intrusion detection. Most research on intrusion detection systems based on network anomalous traffic detection has focused on supervised learning; however, the process of obtaining labeled data often requires a lot of time and effort, as well as the support of network experts. Therefore, it is worthwhile investigating the development of label-free self-supervised learning-based approaches called BYOL which is a simple and elegant framework with sufficiently powerful feature extraction capabilities for intrusion detection systems. In this paper, we propose a new data augmentation strategy for intrusion detection data and an intrusion detection model based on label-free self-supervised learning, using a new data augmentation strategy to introduce a perturbation enhancement model to learn invariant feature representation capability and an improved BYOL self-supervised learning method to train the UNSW-NB15 intrusion detection dataset without labels to extract network traffic feature representations. Linear evaluation on UNSW-NB15 and transfer learning on NSK-KDD, KDD CUP99, CIC IDS2017, and CIDDS_001 achieve excellent performance in all metrics.

[1]  Geoffrey E. Hinton,et al.  Visualizing Data using t-SNE , 2008 .

[2]  Li Fei-Fei,et al.  ImageNet: A large-scale hierarchical image database , 2009, CVPR.

[3]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[4]  Carl K. Chang,et al.  Bayesian Model Averaging of Bayesian Network Classifiers for Intrusion Detection , 2014, 2014 IEEE 38th International Computer Software and Applications Conference Workshops.

[5]  Takehisa Yairi,et al.  Anomaly Detection Using Autoencoders with Nonlinear Dimensionality Reduction , 2014, MLSDA'14.

[6]  Nour Moustafa,et al.  UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set) , 2015, 2015 Military Communications and Information Systems Conference (MilCIS).

[7]  S. P. Shantharajah,et al.  A Study on NSL-KDD Dataset for Intrusion Detection System Based on Classification Algorithms , 2015 .

[8]  Jian Sun,et al.  Deep Residual Learning for Image Recognition , 2015, 2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR).

[9]  Xue Wang,et al.  Comparison deep learning method to traditional methods using for network intrusion detection , 2016, 2016 8th IEEE International Conference on Communication Software and Networks (ICCSN).

[10]  Howon Kim,et al.  Long Short Term Memory Recurrent Neural Network Classifier for Intrusion Detection , 2016, 2016 International Conference on Platform Technology and Service (PlatCon).

[11]  Alexander Perez-Pons,et al.  HMM-Based Intrusion Detection System for Software Defined Networking , 2016, 2016 15th IEEE International Conference on Machine Learning and Applications (ICMLA).

[12]  Yuefei Zhu,et al.  A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks , 2017, IEEE Access.

[13]  Takashi Nishide,et al.  Network Intrusion Detection Based on Semi-supervised Variational Auto-Encoder , 2017, ESORICS.

[14]  Andreas Hotho,et al.  Flow-based benchmark data sets for intrusion detection , 2017 .

[15]  Yi Yi Aung,et al.  Hybrid Intrusion Detection System using K-means and K-Nearest Neighbors Algorithms , 2018, 2018 IEEE/ACIS 17th International Conference on Computer and Information Science (ICIS).

[16]  Jiankun Hu,et al.  A novel statistical technique for intrusion detection systems , 2018, Future Gener. Comput. Syst..

[17]  Paul Jacob,et al.  Host Based Intrusion Detection System with Combined CNN/RNN Model , 2018, Nemesis/UrbReas/SoGood/IWAISe/GDM@PKDD/ECML.

[18]  Abien Fred Agarap A Neural Network Architecture Combining Gated Recurrent Unit (GRU) and Support Vector Machine (SVM) for Intrusion Detection in Network Traffic Data , 2017, ICMLC.

[19]  Fahimeh Farahnakian,et al.  A deep auto-encoder based approach for intrusion detection system , 2018, 2018 20th International Conference on Advanced Communication Technology (ICACT).

[20]  Ali A. Ghorbani,et al.  Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization , 2018, ICISSP.

[21]  Stefan C. Kremer,et al.  Network intrusion detection system based on recursive feature addition and bigram technique , 2018, Comput. Secur..

[22]  Oriol Vinyals,et al.  Representation Learning with Contrastive Predictive Coding , 2018, ArXiv.

[23]  M. A. Novotny,et al.  An evaluation of the performance of Restricted Boltzmann Machines as a model for anomaly network intrusion detection , 2018, Comput. Networks.

[24]  Wooju Kim,et al.  Unsupervised learning approach for network intrusion detection system using autoencoders , 2019, The Journal of Supercomputing.

[25]  Xuewen Xia,et al.  Efficient Feature Selection Algorithm Based on Particle Swarm Optimization With Learning Memory , 2019, IEEE Access.

[26]  Mohamed Rida,et al.  Intelligent approach to build a Deep Neural Network based IDS for cloud environment using combination of machine learning algorithms , 2019, Comput. Secur..

[27]  Albert Y. Zomaya,et al.  A Hybrid Deep Learning-Based Model for Anomaly Detection in Cloud Datacenter Networks , 2019, IEEE Transactions on Network and Service Management.

[28]  Jie Gu,et al.  A novel approach to intrusion detection using SVM ensemble with feature augmentation , 2019, Comput. Secur..

[29]  Akhan Akbulut,et al.  Evolving deep learning architectures for network intrusion detection using a double PSO metaheuristic , 2020, Comput. Networks.

[30]  Kannan Arputharaj,et al.  Intrusion detection using dynamic feature selection and fuzzy temporal decision tree classification for wireless sensor networks , 2020, IET Commun..

[31]  Geoffrey E. Hinton,et al.  A Simple Framework for Contrastive Learning of Visual Representations , 2020, ICML.

[32]  Sile Li,et al.  Network Intrusion Detection Model Based on Improved Convolutional Neural Network , 2020, CSIA.

[33]  Pierre H. Richemond,et al.  Bootstrap Your Own Latent: A New Approach to Self-Supervised Learning , 2020, NeurIPS.

[34]  Shuokang Huang,et al.  IGAN-IDS: An imbalanced generative adversarial network towards intrusion detection system in ad-hoc networks , 2020, Ad Hoc Networks.

[35]  Jesus Olivares-Mercado,et al.  Synthetic Minority Oversampling Technique for Optimizing Classification Tasks in Botnet and Intrusion-Detection-System Datasets , 2020, Applied Sciences.

[36]  S. Ganapathy,et al.  A deep learning approach for effective intrusion detection in wireless networks using CNN , 2020, Soft Comput..

[37]  Ross B. Girshick,et al.  Momentum Contrast for Unsupervised Visual Representation Learning , 2019, 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR).

[38]  Pieter Abbeel,et al.  Bottleneck Transformers for Visual Recognition , 2021, 2021 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR).

[39]  Meng-Yen Hsieh,et al.  A two-stage intrusion detection approach for software-defined IoT networks , 2021, Soft Computing.

[40]  Ahmed J. Obaid,et al.  Improving Extreme Learning Machine Accuracy Utilizing Genetic Algorithm for Intrusion Detection Purposes , 2021 .

[41]  Chen Dong,et al.  Multi-dimensional feature fusion and stacking ensemble mechanism for network intrusion detection , 2021, Future Gener. Comput. Syst..

[42]  S. Gelly,et al.  An Image is Worth 16x16 Words: Transformers for Image Recognition at Scale , 2020, ICLR.

[43]  Jianhua Ma,et al.  Variational LSTM Enhanced Anomaly Detection for Industrial Big Data , 2021, IEEE Transactions on Industrial Informatics.

[44]  Abdulkadir Sengür,et al.  Machine learning methods for cyber security intrusion detection: Datasets and comparative study , 2021, Comput. Networks.

[45]  Youssef Fakir,et al.  Data Mining Approach for Intrusion Detection , 2021, CBI.

[46]  Jenq-Shiou Leu,et al.  Effectiveness of Focal Loss for Minority Classification in Network Intrusion Detection Systems , 2020, Symmetry.

[47]  Daojing He,et al.  Intrusion detection methods based on integrated deep learning model , 2021, Comput. Secur..

[48]  Julien Mairal,et al.  Emerging Properties in Self-Supervised Vision Transformers , 2021, 2021 IEEE/CVF International Conference on Computer Vision (ICCV).

[49]  Jie Gu,et al.  An effective intrusion detection approach using SVM with naïve Bayes feature embedding , 2021, Comput. Secur..

[50]  Mohamed Elhoseny,et al.  Secure blockchain enabled Cyber-physical systems in healthcare using deep belief network with ResNet model , 2021, J. Parallel Distributed Comput..

[51]  Xing Xu,et al.  Toward Effective Intrusion Detection Using Log-Cosh Conditional Variational Autoencoder , 2020, IEEE Internet of Things Journal.