Document Type : Research Article

Authors

1 Information Technology Department, College of Computer and Information Sciences, King Saud University, Riyadh, Saudi Arabia.

2 Information Technology Department, College of Computer and Information Sciences, King Saud University, Riyadh, Saudi Arabia

Abstract

With present-day technological advancements, the number of devices connected to the Internet has increased dramatically. Cybersecurity attacks are increasingly becoming a threat to individuals and organizations. Contemporary security frameworks incorporate Network Intrusion Detection Systems (NIDS). These systems are an essential component for ensuring the security of computer networks against attacks. In this paper, two deep learning architectures are proposed for both binary and multi-class classification of network attacks. The models, CNN-IDS and LSTM-IDS, are based on Convolutional Neural Network and Long Short Term Memory architectures, respectively. The models are evaluated using the well-known NSL-KDD dataset. The performance is measured in terms of accuracy, precision, recall, and F-measure. Experimental results show that the models achieve good performance in terms of accuracy and recall. Network intrusion detection systems are an integral part of contemporary networks. They provide administrators with an early warning for known and unknown attacks. In this paper, two deep learning architectures to aid administrators in detecting network attacks are outlined

Keywords

[1] Ajith Abraham, Crina Grosan, and Yuehui Chen. Cyber security and the evolution in intrusion detection systems. Journal of Engineering and Technology, ISSN, pages 0973–2632, 2005.
[2] Ahmad Javaid, Quamar Niyaz, Weiqing Sun, and Mansoor Alam. A deep learning approach for network intrusion detection system. In Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies (formerly BIONETICS), pages 21– 26, 2016.
[3] Chuanqi Tan, Fuchun Sun, Tao Kong, Wenchang Zhang, Chao Yang, and Chunfang Liu. A survey on deep transfer learning. In International conference on artificial neural networks, pages 270–279. Springer, 2018.
[4] Shih-Wei Lin, Kuo-Ching Ying, Chou-Yuan Lee, and Zne-Jung Lee. An intelligent algorithm with feature selection and decision rules applied to anomaly intrusion detection. Applied Soft Computing, 12(10):3285–3290, 2012.
[5] Levent Koc, Thomas A Mazzuchi, and Shahram Sarkani. A network intrusion detection system based on a hidden na¨ıve bayes multiclass classifier. Expert Systems with Applications, 39(18):13492– 13500, 2012.
[6] Ikram Sumaiya Thaseen and Cherukuri Aswani Kumar. Intrusion detection model using fusion of chi-square feature selection and multi class svm. Journal of King Saud University-Computer and Information Sciences, 29(4):462–472, 2017.
[7] Wathiq Laftah Al-Yaseen, Zulaiha Ali Othman, and Mohd Zakree Ahmad Nazri. Multi-level hybrid support vector machine and extreme learning machine based on modified k-means for intrusion detection system. Expert Systems with Applications, 67:296–303, 2017.
[8] Chuanlong Yin, Yuefei Zhu, Jinlong Fei, and Xinzheng He. A deep learning approach for intrusion detection using recurrent neural networks. Ieee Access, 5:21954–21961, 2017.
[9] Zhipeng Li, Zheng Qin, Kai Huang, Xiao Yang, and Shuxiong Ye. Intrusion detection using convolutional neural networks for representation learning. In International conference on neural information processing, pages 858–866. Springer, 2017.
[10] Mahbod Tavallaee, Ebrahim Bagheri, Wei Lu, and Ali A Ghorbani. A detailed analysis of the kdd cup 99 data set. In 2009 IEEE symposium on computational intelligence for security and defense applications, pages 1–6. IEEE, 2009.
[11] Brian Lee, Sandhya Amaresh, Clifford Green, and Daniel Engels. Comparative study of deep learning models for network intrusion detection. SMU Data Science Review, 1(1):8, 2018.
[12] Najwa Altwaijry, Ameerah ALQahtani, and Isra AlTuraiki. A deep learning approach for anomalybased network intrusion detection. In International Conference on Big Data and Security, pages 603–615. Springer, 2019.
[13] Arwa Aldweesh, Abdelouahid Derhab, and Ahmed Z Emam. Deep learning approaches for anomaly-based intrusion detection systems: A survey, taxonomy, and open issues. KnowledgeBased Systems, 189:105124, 2020. [14] Yasir Hamid, Veeran Ranganathan Balasaraswathi, Ludovic Journaux, and Muthukumarasamy Sugumaran. Benchmark datasets for network intrusion detection: A review. IJ Network Security, 20(4):645–654, 2018.
[15] Mart´ın Abadi, Ashish Agarwal, Paul Barham, Eugene Brevdo, Zhifeng Chen, Craig Citro, Greg S Corrado, Andy Davis, Jeffrey Dean, Matthieu Devin, et al. Tensorflow: Large-scale machine learning on heterogeneous distributed systems. arXiv preprint arXiv:1603.04467, 2016.
[16] Tijmen Tieleman and Geoffrey Hinton. Lecture 6.5-rmsprop: Divide the gradient by a running average of its recent magnitude. COURSERA: Neural networks for machine learning, 4(2):26–31, 2012.
[17] Kingma Da. A method for stochastic optimization. arXiv preprint arXiv:1412.6980, 2014.
[18] Bhupendra Ingre and Anamika Yadav. Performance analysis of nsl-kdd dataset using ann. In 2015 international conference on signal processing and communication engineering systems, pages 92–96. IEEE, 2015.
[19] Tuan A Tang, Lotfi Mhamdi, Des McLernon, Syed Ali Raza Zaidi, and Mounir Ghogho. Deep learning approach for network intrusion detection in software defined networking. In 2016 international conference on wireless networks and mobile communications (WINCOM), pages 258–263. IEEE, 2016.
[20] Majjed Al-Qatf, Yu Lasheng, Mohammed Al-Habib, and Kamal Al-Sabahi. Deep learning approach combining sparse autoencoder with svm for network intrusion detection. IEEE Access, 6: 52843–52856, 2018.
[21] Manuel Lopez-Martin, Belen Carro, Antonio Sanchez-Esguevillas, and Jaime Lloret. Network traffic classifier with convolutional and recurrent neural networks for internet of things. IEEE Access, 5:18042–18050, 2017.
[22] Mohammad Lotfollahi, Mahdi Jafari Siavoshani, Ramin Shirali Hossein Zade, and Mohammdsadegh Saberian. Deep packet: A novel approach for encrypted traffic classification using deep learning. Soft Computing, 24(3):1999–2012, 2020.
[23] Giuseppe Aceto, Domenico Ciuonzo, Antonio Montieri, and Antonio Pescap`e. Mimetic: Mobile encrypted traffic classification using multimodal deep learning. Computer Networks, 165:106944, 2019.
[24] Giuseppe Aceto, Domenico Ciuonzo, Antonio Montieri, and Antonio Pescap´e. Mobile encrypted traffic classification using deep learning: Experimental evaluation, lessons learned, and challenges. IEEE Transactions on Network and Service Management, 16(2):445–458, 20.