A Deep Learning Approach for Network Intrusion Detection System

Javaid, Ahmad Y.; Niyaz, Quamar; Sun, Weiqing; Alam, M. S.

doi:10.4108/eai.3-12-2015.2262516

Cited by 741 publications

(404 citation statements)

References 14 publications

Supporting

Mentioning

344

Contrasting

Unclassified

Order By: Relevance

“…They performed the training operation with 20%, 30% and 40% of the NSL-KDD train dataset and tested it with the same. Finally, the most recent approach of implementing deep learning for NIDS proposed a Self-Taught Learning (STL) and Soft-max regression (SMR) approach [2]. Their Precision, Recall and F-Measure values were higher for 2 class attack classification but due to use of single spare auto-encoder, the extracted features are not sufficient to classify the all 5-classes in NSL-KDD data with high precision.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Deep Feature Extraction for multi-Class Intrusion Detection in Industrial Control Systems

Potluri¹,

Diedrich²

2017

IJCTE

View full text Add to dashboard Cite

Abstract-In recent days, network based communication is more vulnerable to outsider and insider attacks due to its wide spread applications in different domains. Intrusion detection is a key task for defense-in depth strategy of the communication networks. In order to defend properly against growing threats, Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) need to incorporate this technology. Intrusion Detection System (IDS), a software application or a hardware which is able to monitor the network traffic and find abnormal activities in the network. Due to raise in the network bandwidth and network data a deep packet inspection is necessary to extract proper features and identify the attacks. Deep Neural Networks (DNN) a deep learning approach is used in this paper to identify the different types of attacks in the network packets. NSL-KDD dataset is used to evaluate the effectiveness of the proposed IDS. Experimental results show that the features extracted using DNN provides a better classification accuracy than the conventional machine learning techniques.Index Terms-Deep learning, intrusion detection system, industrial control system, network security, deep neural networks.

show abstract

Section: Related Workmentioning

confidence: 99%

“…Ref. [2] already envisioned that deep learning based approaches can help to overcome the challenges to develop an efficient IDS.…”

mentioning

confidence: 99%

Deep Feature Extraction for multi-Class Intrusion Detection in Industrial Control Systems

Potluri¹,

Diedrich²

2017

IJCTE

View full text Add to dashboard Cite

show abstract

“…Javaid et al [20] propose a deep learning based approach to building an effective and flexible NIDS. Their method is referred to as self-taught learning (STL), which combines a sparse auto-encoder with softmax regression.…”

Section: Existing Workmentioning

confidence: 99%

A Deep Learning Approach to Network Intrusion Detection

Shone

Ngoc

Phai

et al. 2018

IEEE Trans. Emerg. Top. Comput. Intell.

1,155

481

View full text Add to dashboard Cite

Abstract-Network Intrusion Detection Systems (NIDSs) play a crucial role in defending computer networks. However, there are concerns regarding the feasibility and sustainability of current approaches when faced with the demands of modern networks. More specifically, these concerns relate to the increasing levels of required human interaction and the decreasing levels of detection accuracy. This paper presents a novel deep learning technique for intrusion detection, which addresses these concerns. We detail our proposed non-symmetric deep auto-encoder (NDAE) for unsupervised feature learning. Furthermore, we also propose our novel deep learning classification model constructed using stacked NDAEs. Our proposed classifier has been implemented in GPU-enabled TensorFlow and evaluated using the benchmark KDD Cup '99 and NSL-KDD datasets. Promising results have been obtained from our model thus far, demonstrating improvements over existing approaches and the strong potential for use in modern NIDSs.

show abstract

“…For example, Argos [8] applies dynamic taint analysis [70] to detect zero-day attacks and generate new signatures; Honeycomb [71] uses the longest common substring algorithm to detect repeating patterns in order to spot worms; and Bailey's system [10] performs system behavior profiling by comparing an infected virtual filesystem with an uninfected one. In addition, some current learning techniques, such as the deep learning approach for NIDS [72], can also be used in decoys so as to acquire new detection skills for identifying unknown attacks.…”

Section: ) Attack Preventionmentioning

confidence: 99%

Enabling an Anatomic View to Investigate Honeypot Systems: A Survey

Fan

Fernández

et al. 2018

IEEE Systems Journal

View full text Add to dashboard Cite

Abstract-A honeypot is a type of security facility deliberately created to be probed, attacked, and compromised. It is often used for protecting production systems by detecting and deflecting unauthorized accesses. It is also useful for investigating the behavior of attackers, and in particular, unknown attacks. For the past 17 years plenty of effort has been invested in the research and development of honeypot techniques, and they have evolved to be an increasingly powerful means of defending against the creations of the blackhat community. In this paper, by studying a wide set of honeypots, the two essential elements of honeypots-the decoy and the captorare captured and presented, together with two abstract organizational forms-independent and cooperative-where these two elements can be integrated. A novel decoy and captor (D-C) based taxonomy is proposed for the purpose of studying and classifying the various honeypot techniques. An extensive set of independent and cooperative honeypot projects and research that cover these techniques is surveyed under the taxonomy framework. Furthermore, two subsets of features from the taxonomy are identified, which can greatly influence the honeypot performances. These two subsets of features are applied to a number of typical independent and cooperative honeypots separately in order to validate the taxonomy and predict the honeypot development trends.

show abstract

A Deep Learning Approach for Network Intrusion Detection System

Cited by 741 publications

References 14 publications

Deep Feature Extraction for multi-Class Intrusion Detection in Industrial Control Systems

Deep Feature Extraction for multi-Class Intrusion Detection in Industrial Control Systems

A Deep Learning Approach to Network Intrusion Detection

Enabling an Anatomic View to Investigate Honeypot Systems: A Survey

Contact Info

Product

Resources

About