Network Intrusion Detection with 1D Convolutional Neural Networks
This work is licensed under a Creative Commons Attribution 4.0 International License.
The authors shall retain the copyright of their work but allow the Publisher to publish, copy, distribute, and convey the work.
Digital Technologies Research and Applications (DTRA) publishes accepted manuscripts under Creative Commons Attribution 4.0 International (CC BY 4.0). Authors who submit their papers for publication by DTRA agree to have the CC BY 4.0 license applied to their work, and that anyone is allowed to reuse the article or part of it free of charge for any purpose, including commercial use. As long as the author and original source are properly cited, anyone may copy, redistribute, reuse, and transform the content.
Computer network assets expose to various cyber threats in today’s digital era. Network Anomaly Detection Systems (NADS) play a vital role in protecting digital assets in the purview of network security. Intrusion detection systems data are imbalanced and high dimensioned, affecting models’ performance in classifying malicious traffic. This paper uses a denoising autoencoder (DAE) for feature selection to reduce data dimension. To balance the data, the authors use a combined approach of oversampling technique, adaptive synthetic (ADASYN) and a cluster-based under-sampling method using a clustering algorithm, Kmeans. Then, a one-dimensional convolutional neural network (1D-CNN) is used to perform classification. The performance of the proposed model is evaluated on UNSW-NB15 and NSL-KDD datasets. The experimental results show that the model produces a detection rate of 98.79% and 97.23% on UNSW-NB15 for binary classification and multiclass classification, respectively. In the evaluation using NSL-KDD, the model yields a detection rate of 98.52% for binary type classification and 98.16% for multiclass type classification.
Keywords:DAE ADASYN Feature selection Imbalance processing NADS Network security Deep learning CNN
- Tahaei, H., Afifi, F., Asemi, A., et al., 2020. The rise of traffic classification in IoT networks: A survey. Journal of Network and Computer Applications. 154, 102538.
- Bernardi, M.L., Cimitile, M., Distante, D., et al., 2019. Dynamic malware detection and phylogeny analysis using process mining. International Journal of Information Security. 18(3), 257–284.
- Giovanni, A., Bernardi, M.L., Cimitile, M., et al., 2018. A fuzzy clustering-based approach to study malware phylogeny. 2018 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE). pp. 1–8.
- Liu, Ch., Gu, Zh.J., Wang, J.L., 2021. A hybrid intrusion detection system based on scalable k-means+ random forest and deep learning. IEEE Access. 9, 75729–75740.
- El-Khatib, K., 2009. Impact of feature reduction on the efficiency of wireless intrusion detection systems. IEEE Transactions on Parallel and Distributed Systems. 21(8), 1143–1149.
- Zhang, H., Li, J.L., Liu, X.M., et al., 2021. Multi-dimensional feature fusion and stacking ensemble mechanism for network intrusion detection. Future Generation Computer Systems. 122, 130–143.
- Kumar, G., 2020. An improved ensemble approach for effective intrusion detection. The Journal of Supercomputing. 76(1), 275–291.
- Liu, X.Y., Wu, J.X., Zhou, Zh.H., 2008. Exploratory undersampling for class-imbalance learning. IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics). 39(2), 539–550.
- Chawla, N.V., Bowyer, K.W., Hall, L.O., et al., 2002. Smote: synthetic minority over-sampling technique. Journal of Artificial Intelligence Research. 16, 321– 357.
- He, H.B., Bai, Y., Garcia, E.A., et al., 2008. Adasyn: Adaptive synthetic sampling approach for imbalanced learning. 2008 IEEE International Joint Conference on Neural Networks (IEEE world congress on computational intelligence). pp. 1322–1328.
- Mateusz, B., Atsuto, M., Mazurowski, M.A., 2018. A systematic study of the class imbalance problem in convolutional neural networks. Neural Networks. 106, 249–259.
- Zhang, H.P., Wu, C.Q., Gao, Sh., et al., 2018. An effective deep learning based scheme for network intrusion detection. 2018 24th International Conference on Pattern Recognition (ICPR). pp. 682–687.
- Manuel, L.M., Belen, C., Antonio, S.E., et al., 2017. Conditional variational autoencoder for prediction and feature recovery applied to intrusion detection in IoT. Sensors. 17(9), 1967.
- Yin, Ch.L., Zhu, Y.F., Fei, J.L., et al., 2017. A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access. 5, 21954–21961.
- Diro, A.A., Chilamkurti, N., 2018. Distributed attack detection scheme using deep learning approach for internet of things. Future Generation Computer Systems. 82, 761–768.
- Baig, M.M., Awais, M.M., El-Alfy, E.M., 2017. A multiclass cascade of artificial neural network for network intrusion detection. Journal of Intelligent & Fuzzy Systems. 32(4), 2875–2883.
- Kwon, D., Kim, H., Kim, J., et al., 2019. A survey of deep learning-based network anomaly detection.Cluster Computing. 22(1), 949–961.
- Vinayakumar, R., Alazab, M., Soman, K.P., et al., 2019. Deep learning approach for intelligent intrusion detection system. IEEE Access. 7, 41525–41550.
- Pasupa, K., Sunhem, W., 2016. A comparison between shallow and deep architecture classifiers on small dataset. 2016 8th International Conference on Information Technology and Electrical Engineering (ICITEE). pp. 1–6.
- The UNSW-NB15 data set description.
- Moustafa, N., Slay, J., 2015. Unsw-nb15: a comprehensive data set for network intrusion detection systems (unsw-nb15 network data set). 2015 military communications and information systems conference (MilCIS). pp. 1–6.
- Hinton, G.E., Osindero, S., Teh, Y.W., 2006. A fast learning algorithm for deep belief nets. Neural Computation. 18(7), 1527–1554.
- Laqtib, S., Yassini, K.E., Hasnaoui, M.L., 2019. Evaluation of deep learning approaches for intrusion detection system in manet. The Proceedings of the Third International Conference on Smart City Applications. pp. 986–998.
- The NSL-KDD data set description.
- O’Shea, K., Nash, R., 2015. An introduction to convolutional neural networks. Computer Science. DOI: https://doi.org/10.48550/arXiv.1511.08458
- Wu, H.B., Gu, X.D., 2015. Max-pooling dropout for regularization of convolutional neural networks. International Conference on Neural Information Processing. pp. 46–54.
- Maitra, S., Ojha, R.K., Ghosh, K., 2018. Impact of convolutional neural network input parameters on classification performance. 2018 4th International Conference for Convergence in Technology (I2CT). pp. 1–5.
- Wen, L., Gao, L., Li, X.Y., et al., 2021. Convolutional neural network with automatic learning rate scheduler for fault classification. IEEE Transactions on Instrumentation and Measurement. 70, 1–12.
- Yang, Y.Q., Zheng, K.F., Wu, Ch.H., et al., 2019. Improving the classification effectiveness of intrusion detection by using improved conditional variational autoencoder and deep neural network. Sensors. 19(11), 2528.
- Ma, T., Wang, F., Cheng, J.J., et al., 2016. A hybrid spectral clustering and deep neural network ensemble algorithm for intrusion detection in sensor networks. Sensors. 16(10), 1701.
- Imamverdiyev, Y., Abdullayeva, F., 2018. Deep learning method for denial of service attack detection based on restricted boltzmann machine. Big Data. 6(2), 159–169.