A Hybrid Spectral Clustering and Deep Neural Network Ensemble Algorithm for Intrusion Detection in Sensor Networks

Ma, Tao; Fen, Wang; Cheng, Jianjun; Yu, Yang; Chen, Xiaoyun

doi:10.3390/s16101701

Cited by 195 publications

(118 citation statements)

References 45 publications

(46 reference statements)

Supporting

Mentioning

111

Contrasting

Unclassified

Order By: Relevance

“…The two-class classifier outperformed the five-class classifier: 88.4% accuracy versus 79.1% accuracy. In addition, Ma et al [134] and Aminanto and Kim [135] used similar approaches and achieved similarly good results.…”

Section: Network Intrusion Detectionmentioning

confidence: 87%

A Survey of Deep Learning Methods for Cyber Security

et al. 2019

View full text Add to dashboard Cite

This survey paper describes a literature review of deep learning (DL) methods for cyber security applications. A short tutorial-style description of each DL method is provided, including deep autoencoders, restricted Boltzmann machines, recurrent neural networks, generative adversarial networks, and several others. Then we discuss how each of the DL methods is used for security applications. We cover a broad array of attack types including malware, spam, insider threats, network intrusions, false data injection, and malicious domain names used by botnets.

show abstract

Section: Network Intrusion Detectionmentioning

confidence: 87%

A Survey of Deep Learning Methods for Cyber Security

et al. 2019

View full text Add to dashboard Cite

show abstract

“…The approached LSTM model outperformed accuracies than other IDS models on both datasets. SCDNN [41] 72.64 STL [42] 74.38 DNN [43] 75.75 Gaussian-Bernoulli RBM [44] 73.23 Naive Bayes [38] 74.28 J48 [38] 80.6 ANN [37] 81.2 CART [38] 81.5 MDPCA-DBN [39] 82.08 Zscore+Kmeans [45] 90 RNN [46] 81.29 RNN 89.6 LSTM 92 GRU 91.8 [7] 45.3 Boosted-NB [7] 43.2 AMGA2-NB [7] 94.5 TCM-KNN [40] 92.05 Zscore+Kmeans [45] 95 RNN 94.75 LSTM 97.5 GRU 97.08…”

Section: Discussionmentioning

confidence: 99%

Network Intrusion Detection Based on Novel Feature Selection Model and Various Recurrent Neural Networks

Kim

2019

Applied Sciences

View full text Add to dashboard Cite

The recent increase in hacks and computer network attacks around the world has intensified the need to develop better intrusion detection and prevention systems. The intrusion detection system (IDS) plays a vital role in detecting anomalies and attacks on the network which have become larger and more pervasive in nature. However, most anomaly-based intrusion detection systems are plagued by high false positives. Furthermore, Remote-to-Local (R2L) and User-to-Root (U2R) are two kinds of attack which have low predicted accuracy scores in advance IDS methods. Therefore, this paper proposes a novel IDS framework to overcome these IDS problems. The proposed framework including three main parts. The first part is to build SFSDT model which is the feature selection model. SFSDT is to generate the best feature subset from the original feature set. This model is a hybrid Sequence Forward Selection (SFS) algorithm and Decision Tree (DT) model. The second part is to build various IDS models to train on the best-selected feature subset. The various Recurrent Neural Networks (RNN) are traditional RNN, Long Short-Term Memory (LSTM), and Gated Recurrent Unit (GRU). Two IDS datasets are used for the learned models in experiments including NSL-KDD in 2010 and ISCX in 2012. The final part is to evaluate the proposed model by comparing the proposed models to other IDS models. The experimental results show the proposed models achieve significantly improved accuracy detection rate as well as attack types classification. Furthermore, this approach can reduce the computation time by memory profilers measurement. and abuse of computer systems by both system insiders and external penetrators [4]. The intrusion detection problem is becoming more challenging due to the significant increase in computer network connectivity, the speed of technological advancement, and the ease of finding hackers for hire. Thus, IDSs are security systems used to monitor, recognize, and report malicious activities or policy violations in computer systems and networks. However, the false recognition of IDS results in that it is difficult for network administrators to deal with intrusion reports. These IDSs rely on the signatures of known attacks. Human independent IDSs that incorporate machine learning techniques have been developed as a solution to solve this problem. Besides, machine learning IDSs learn from normal and abnormal traffic by training on a dataset in order to predict an attack by using classification. Several machine learning techniques have been successfully implemented as classifiers on IDSs, but they have numerous flaws such as low throughput and high false detection rates [5][6][7][8].Another challenge in IDS is the different attack types including Probe, R2L, U2R, and Denial-of-Service (DoS) should be detected well by IDS techniques. However, one of the most difficult attacks to detect is R2L attack because it related to the host level features and network level. Besides, U2R attack is also hard to detect at an early stage because it involve...

show abstract

“…One typical method is clustering. Ma et al [53] proposed a DNN and spectral clustering-based detection method. The heterogeneity of flow may cause low accuracy.…”

Section: Traffic Grouping-based Detectionmentioning

confidence: 99%

Machine Learning and Deep Learning Methods for Intrusion Detection Systems: A Survey

2019

View full text Add to dashboard Cite

Networks play important roles in modern life, and cyber security has become a vital research area. An intrusion detection system (IDS) which is an important cyber security technique, monitors the state of software and hardware running in the network. Despite decades of development, existing IDSs still face challenges in improving the detection accuracy, reducing the false alarm rate and detecting unknown attacks. To solve the above problems, many researchers have focused on developing IDSs that capitalize on machine learning methods. Machine learning methods can automatically discover the essential differences between normal data and abnormal data with high accuracy. In addition, machine learning methods have strong generalizability, so they are also able to detect unknown attacks. Deep learning is a branch of machine learning, whose performance is remarkable and has become a research hotspot. This survey proposes a taxonomy of IDS that takes data objects as the main dimension to classify and summarize machine learning-based and deep learning-based IDS literature. We believe that this type of taxonomy framework is fit for cyber security researchers. The survey first clarifies the concept and taxonomy of IDSs. Then, the machine learning algorithms frequently used in IDSs, metrics, and benchmark datasets are introduced. Next, combined with the representative literature, we take the proposed taxonomic system as a baseline and explain how to solve key IDS issues with machine learning and deep learning techniques. Finally, challenges and future developments are discussed by reviewing recent representative studies.

show abstract

A Hybrid Spectral Clustering and Deep Neural Network Ensemble Algorithm for Intrusion Detection in Sensor Networks

Cited by 195 publications

References 45 publications

A Survey of Deep Learning Methods for Cyber Security

A Survey of Deep Learning Methods for Cyber Security

Network Intrusion Detection Based on Novel Feature Selection Model and Various Recurrent Neural Networks

Machine Learning and Deep Learning Methods for Intrusion Detection Systems: A Survey

Contact Info

Product

Resources

About