A Convolutional Neural Network for Improved Anomaly-Based Network Intrusion Detection

Al-Turaiki, Isra; Altwaijry, Najwa

doi:10.1089/big.2020.0263

Cited by 69 publications

(47 citation statements)

References 45 publications

(85 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Furthermore, using the six most relevant features to generate deep features showed improved performance. The comes in agreement with results recently reported in the literature that demonstrates the merits of DFS and PCA for cybersecurity research [2,33]. Although the detection of DGA domains is challenging, the results of this study suggest that DFS and PCA could improve the performance of machine learning algorithms for the identification of domain names generated by a DGA or its variants.…”

Section: Tablesupporting

confidence: 92%

“…The main questions that this research was designed to answer are: (1) Does feature category affect the classification accuracy of domain names? ; (2) what are the most influential features for the detection of malicious domain names ? ; and (3) can the most relevant features be exploited using automatic feature engineering techniques to improve classification accuracy?…”

Section: Discussionmentioning

confidence: 99%

“…In order to exploit the information carried by the top features identified by the feature importance measures (Subsection 3.3), we utilize feature engineer- This process improves model performance by utilizing the power of the most relevant features [2]. In this research, we use Deep Feature Synthesis (DFS) [18] to generate new deep features.…”

Section: Automatic Feature Engineeringmentioning

confidence: 99%

See 2 more Smart Citations

Improved Detection of Malicious Domain Names Using Gradient Boosted Machines and Feature Engineering

Alhogail¹,

Al-Turaiki

2022

ITC

Self Cite

View full text Add to dashboard Cite

Malicious domain names have been commonly used in recent years to launch different cyber-attacks. There are a large number of malicious domains that are registered every day and some of which are only active for brief periods of time. Therefore, the automated malicious domain names detection is needed to provide security for individuals and organisations. As new technologies continue to emerge, the detection of malicious domain names remains a challenging task. In this study, we propose a model to effectively detect malicious domain names. This is done by evaluating the performance of several machine learning algorithms and feature importance measures using a recent DNS dataset. Based on the empirical evaluation, the gradient boosted machines GBM classiﬁcation with a combination of lexical and host-based features produce the most accurate detection rates of 98.8% accuracy and a low false positive rate of 0.003. In terms of feature importance, measures used in this study agree on the importance of six features, ﬁve of which are lexical in nature. Furthermore, to make the best out of these relevant features, we apply automatic feature engineering. Our results show that preprocessing the dataset using deep feature synthesis and then reducing the dimensionality improves the classiﬁcations performance as compared to using raw features. The results of this study are then veriﬁed using a challenging category of domain names, the domain generation algorithm dataset, and consistent results are obtained.

show abstract

Section: Tablesupporting

confidence: 92%

Section: Discussionmentioning

confidence: 99%

Section: Automatic Feature Engineeringmentioning

confidence: 99%

See 1 more Smart Citation

Improved Detection of Malicious Domain Names Using Gradient Boosted Machines and Feature Engineering

Alhogail¹,

Al-Turaiki

2022

ITC

Self Cite

View full text Add to dashboard Cite

show abstract

“…Our research adopted the preprocessing method proposed by Isra et al [24] and enhanced it by doubling the range of conversion value. In the original idea proposed by Isra et al [24], attributes were converted into grayscale, between 0 to 255 [26]. These grayscale values were used to generate small square images and placed sequentially.…”

Section: Related Workmentioning

confidence: 99%

Multi-Class Intrusion Detection Using Two-Channel Color Mapping in IEEE 802.11 Wireless Network

et al. 2022

View full text Add to dashboard Cite

The rise of interconnected devices through wireless networks provides two sides consequences. On one side, it helps many human tasks; on the other hand, the prone wireless medium opens the vulnerable system to be exploited by adversaries. An Intrusion Detection System (IDS) is one method to inspect the network traffic by leveraging state-of-the-art anomaly detection techniques. Deep learning models have been utilized to distinguish the benign and malicious traffic. However, projecting the tabular data into images before the image classification has been the main challenge of leveraging deep learning for IDS purposes. We propose the novel projection of tabular data into 2-coded color mapping for IDS purposes. The proposed method employs a feature selection method to ensure optimal dimensionality. We examined the different number of attribute subsets to obtain the relationship between the attributes. Furthermore, it takes advantage of the Convolutional Neural Network (CNN) model to classify the Wi-Fi attacks. We evaluate the proposed model using the most common Wi-Fi attacks dataset, Aegean Wi-Fi Intrusion Dataset (AWID2). The proposed method achieved an F1 score of 99.73% and a false positive rate of 0.24%. This study highlights the importance of addressing the mapping procedures from tabular data into grid-based data before deep learning training and validates the effectiveness of CNN to detect multiple types of wireless network attacks.

show abstract

“…This paper proposes a DCNN followed by a deep-neural-networks (DNN)-based IDS. The primary advantage of a DCNN is its ability to exploit the correlation between features [ 17 ]. A DCNN works on a lower number of parameters than other DL models [ 18 ].…”

Section: Introductionmentioning

confidence: 99%

A New Intrusion Detection System for the Internet of Things via Deep Convolutional Neural Network and Feature Engineering

Ullah

Ahmad

Khan

et al. 2022

Sensors

View full text Add to dashboard Cite

The Internet of Things (IoT) is a widely used technology in automated network systems across the world. The impact of the IoT on different industries has occurred in recent years. Many IoT nodes collect, store, and process personal data, which is an ideal target for attackers. Several researchers have worked on this problem and have presented many intrusion detection systems (IDSs). The existing system has difficulties in improving performance and identifying subcategories of cyberattacks. This paper proposes a deep-convolutional-neural-network (DCNN)-based IDS. A DCNN consists of two convolutional layers and three fully connected dense layers. The proposed model aims to improve performance and reduce computational power. Experiments were conducted utilizing the IoTID20 dataset. The performance analysis of the proposed model was carried out with several metrics, such as accuracy, precision, recall, and F1-score. A number of optimization techniques were applied to the proposed model in which Adam, AdaMax, and Nadam performance was optimum. In addition, the proposed model was compared with various advanced deep learning (DL) and traditional machine learning (ML) techniques. All experimental analysis indicates that the accuracy of the proposed approach is high and more robust than existing DL-based algorithms.

show abstract

A Convolutional Neural Network for Improved Anomaly-Based Network Intrusion Detection

Cited by 69 publications

References 45 publications

Improved Detection of Malicious Domain Names Using Gradient Boosted Machines and Feature Engineering

Improved Detection of Malicious Domain Names Using Gradient Boosted Machines and Feature Engineering

Multi-Class Intrusion Detection Using Two-Channel Color Mapping in IEEE 802.11 Wireless Network

A New Intrusion Detection System for the Internet of Things via Deep Convolutional Neural Network and Feature Engineering

Contact Info

Product

Resources

About