BAT: Deep Learning Methods on Network Intrusion Detection Using NSL-KDD Dataset

Su, Tongtong; Sun, Hongzan; Zhu, Jinqi; Wang, Sheng; Li, Yabo

doi:10.1109/access.2020.2972627

Cited by 276 publications

(147 citation statements)

References 46 publications

Supporting

Mentioning

116

Contrasting

Order By: Relevance

“…To address the misclassification issues in IDS, Su et al [96] proposed BAT-MC, a novel methodology for IDS that integrates the Bat and DL algorithms. The Bat algorithm combines the bidirectional long-short-term memory (BLSTM) with the attention mechanism.…”

Section: Feature Engineering Issues In Datasetmentioning

confidence: 99%

Applications of Machine Learning in Networking: A Survey of Current Issues and Future Challenges

et al. 2021

View full text Add to dashboard Cite

Communication networks are expanding rapidly and becoming increasingly complex. As a consequence, the conventional rule-based algorithms or protocols may no longer perform at their best efficiencies in these networks. Machine learning (ML) has recently been applied to solve complex problems in many fields, including finance, health care, and business. ML algorithms can offer computational models that can solve complex communication network problems and consequently improve performance. This paper reviews the recent trends in the application of ML models in communication networks for prediction, intrusion detection, route and path assignment, Quality of Service improvement, and resource management. A review of the recent literature reveals extensive opportunities for researchers to exploit the advantages of ML in solving complex performance issues in a network, especially with the advancement of softwaredefined networks and 5G.

show abstract

Section: Feature Engineering Issues In Datasetmentioning

confidence: 99%

Applications of Machine Learning in Networking: A Survey of Current Issues and Future Challenges

et al. 2021

View full text Add to dashboard Cite

show abstract

“…An LSTM classifier with a gradient descent optimizer is used in IDS [30], which can effectively mine the association between features from the perspective of time. Su et al [31] combined an attention mechanism and BLSTM (bidirectional long short-term memory) to propose a network anomaly detection model BAT, which extracts coarse-grained features by connecting forward LSTM and backward LSTM. The BAT model uses an attention mechanism to filter the network flow vectors generated by the BLSTM model to obtain the key characteristics of network traffic classification.…”

Section: Related Workmentioning

confidence: 99%

A Novel Wireless Network Intrusion Detection Method Based on Adaptive Synthetic Sampling and an Improved Convolutional Neural Network

Wang

Lei

et al. 2020

IEEE Access

View full text Add to dashboard Cite

The diversity of network attacks poses severe challenges to intrusion detection systems (IDSs). Traditional attack recognition methods usually adopt mining data associations to identify anomalies, which has the disadvantages of a high false alarm rate (FAR), low recognition accuracy (ACC) and poor generalization ability. To ameliorate the comprehensive capabilities of IDS and strengthen network security, we propose a novel intrusion detection method based on the adaptive synthetic sampling (ADASYN) algorithm and an improved convolutional neural network (CNN). First, we use the ADASYN method to balance the sample distribution, which can effectively prevent the model from being sensitive to large samples and ignore small samples. Second, the improved CNN is based on the split convolution module (SPC-CNN), which can increase the diversity of features and eliminate the impact of interchannel information redundancy on model training. Then, an AS-CNN model mixed with ADASYN and SPC-CNN is used for intrusion detection tasks. Finally, the standard NSL-KDD dataset is selected to test AS-CNN. The simulation illustrates that the accuracy is 4.60% and 2.79% higher than that of the traditional CNN and RNN models, and the detection rate (DR) increased by 11.34% and 10.27%, respectively. Additionally, the FAR decreased by 15.58% and 14.57%, respectively, compared with the two models.

show abstract

“…The various attacks included in NSL-KDD dataset include: DoS (Denial of Services) attack, User-to-Root attack, Remote-to-local attack and Probes. In the literature, this dataset has been widely used to assess the performance of anomaly-based attack detection systems for IoT network [6,7,8].…”

Section: Introductionmentioning

confidence: 99%

“…dataset and data pre-processing. NSL-KDD is the latest version of KDD99 dataset and has been widely used by researchers to evaluate the performance of the attack detection system in IoT [6,7,8]. In NSL-KDD dataset, the training data is available in "KDDTrain+" file, consisting of 125973 data entries, out of which 67343 entries represent non-malicious and 58630 entries represent malicious.…”

Section: Introduction To Nsl-kddmentioning

confidence: 99%

Mitigating Malicious Insider Attacks in the Internet of Things using Supervised Machine Learning Techniques

Ahmad

Shah

2021

SCPE

View full text Add to dashboard Cite

The interconnection of large number of smart devices and sensors for critical information gathering and analysis over the internet has given rise to the Internet of Things (IoT) network. In recent times, IoT has emerged as a prime field for solving diverse real-life problems by providing a smart and affordable solutions. The IoT network has various constraints like: limited computational capacity of sensors, heterogeneity of devices, limited energy resource and bandwidth etc. These constraints restrict the use of high-end security mechanisms, thus making these type of networks more vulnerable to various security attacks including malicious insider attacks. Also, it is very difficult to detect such malicious insiders in the network due to their unpredictable behaviour and the ubiquitous nature of IoT network makes the task more difficult. To solve such problems machine learning techniques can be used as they have the ability to learn the behaviour of the system and predict the particular anomaly in the system. So, in this paper we have discussed various security requirements and challenges in the IoT network. We have also applied various supervised machine learning techniques on available IoT dataset to deduce which among them is best suited to detect the malicious insider attacks in the IoT network.

show abstract

BAT: Deep Learning Methods on Network Intrusion Detection Using NSL-KDD Dataset

Cited by 276 publications

References 46 publications

Applications of Machine Learning in Networking: A Survey of Current Issues and Future Challenges

Applications of Machine Learning in Networking: A Survey of Current Issues and Future Challenges

A Novel Wireless Network Intrusion Detection Method Based on Adaptive Synthetic Sampling and an Improved Convolutional Neural Network

Mitigating Malicious Insider Attacks in the Internet of Things using Supervised Machine Learning Techniques

Contact Info

Product

Resources

About