The Integrated Three-dimensional Deep Learning Approach for an Efficient Intrusion Detection System Using Spatiol-Temporal Features
Subject Areas : Multimedia Processing, Communications Systems, Intelligent Systems
Roya Zareh Farkhady
1
,
Kambiz Majidzadeh
2
,
Mohammad Masdari
3
,
Ali Ghaffari
4
1 - Ph.D. Student, Department of Computer Engineering, Urmia Branch, Islamic Azad University, Urmia, Iran.
2 - Assistant Professor, Department of Computer Engineering, Urmia Branch, Islamic Azad University, Urmia, Iran
3 - Assistant Professor, Department of Computer Engineering, Urmia Branch, Islamic Azad University, Urmia, Iran
4 - Associate Professor, Department of Computer Engineering, Tabriz Branch, Islamic Azad University, Tabriz, Iran
Keywords: Deep learning, convolutional networks, three-dimensional, short-term long-term memory, spatial feature, temporal feature.,
Abstract :
Abstract
Introduction: Intrusion detection systems in network traffic increase network security by detecting abnormal inputs and attacks. Deep learning algorithms are used to learn features in network security for large-scale data. On the other hand, if the input data for a model has high dimensions, there will be more neighbors for each data, which leads to higher accuracy in the model. Simultaneously learning spatial and temporal features for each model is challenging too.
Method: This study presents a method for converting input data into three-dimensional. In the proposed model, Convolution with Short-term Long-term Memory Branches (CLBS3) is used to improve features' spatial learning with three-dimensional input data. In parallel, Short-term Long-term Memory learns hierarchical relationships between different features and extracts temporal features. Finally, the integrated approach of the CLBS3 model uses extracted spatial-temporal features for network data classification
Results: Tests were conducted on the UNSW-NB15 dataset, and performance evaluation of CLBS3 shows that compared to contemporary intrusion detection methods, the proposed model with an accuracy of 98.46% with fewer errors of 1.8% in the UNSW-NB15 dataset provides better performance in intrusion detection.
Discussion: The present study aims to propose CLBS method, which detects attacks by considering the limitations of IoT resources. In order to create an efficient and accurate IDS, the combination of convolution neural networks and Short-term Long-term Memory applied in the fog to separate the attacks from normal traffic. Our proposed method was tested using the UNSW-NB15 dataset, and the results demonstrate enhanced accuracy compared to existing methods, as well as a low false positive rate.
[1] P. Mishra, V. Varadharajan, U. Tupakula, and E. S. Pilli, "A detailed investigation and analysis of using machine learning techniques for intrusion detection," IEEE communications surveys & tutorials, vol. 21, pp. 686-728, 2018.#
[2] L. O. Anyanwu, J. Keengwe, and G. A. Arome, "Scalable intrusion detection with recurrent neural networks," in 2010 Seventh International Conference on Information Technology: New Generations, 2010, pp. 919-923.#
[3] Z. X. Yang, X. L. Qin, W. R. Li, and Y. J. Yang, "A DDoS detection approach based on CNN in cloud computing," Applied Mechanics and Materials, vol. 513, pp. 579-584, 2014.#
[4] R. C. Staudemeyer, "Applying long short-term memory recurrent neural networks to intrusion detection," South African Computer Journal, vol. 56, pp. 136-154, 2015.#
[5] H. K. Maragheh, F. S. Gharehchopogh, K. Majidzadeh, and A. B. Sangar, "A Hybrid Model Based on Convolutional Neural Network and Long Short-Term Memory for Multi-label Text Classification," Neural Processing Letters, vol. 56, p. 42, 2024/02/16 2024.#
[6] H. Ebrahimi, K. Majidzadeh, and F. Soleimanian Gharehchopogh, "Integration of deep learning model and feature selection for multi-label classification," International Journal of Nonlinear Analysis and Applications, vol. 13, pp. 2871-2883, 2022.#
[7] H. Wang, J. Gu, and S. Wang, "An effective intrusion detection framework based on SVM with feature augmentation," Knowledge-Based Systems, vol. 136, pp. 130-139, 2017.#
[8] M. Usha and P. Kavitha, "Anomaly based intrusion detection for 802.11 networks with optimal features using SVM classifier," Wireless Networks, vol. 23, pp. 2431-2446, 2017.#
[9] W. Meng, W. Li, and L. F. Kwok, "Design of intelligent KNN‐based alarm filter using knowledge‐based alert verification in intrusion detection," Security and Communication Networks, vol. 8, pp. 3883-3895, 2015.#
[10] G. Serpen and E. Aghaei, "Host-based misuse intrusion detection using PCA feature extraction and kNN classification algorithms," Intelligent Data Analysis, vol. 22, pp. 1101-1114, 2018.#
[11] Y. Y. Aung and M. M. Min, "An analysis of K-means algorithm based network intrusion detection system," Advances in Science, Technology and Engineering Systems Journal, vol. 3, pp. 496-501, 2018.#
[12] N. Farnaaz and M. Jabbar, "Random forest modeling for network intrusion detection system," Procedia Computer Science, vol. 89, pp. 213-217, 2016.#
[13] K. Peng, V. C. Leung, L. Zheng, S. Wang, C. Huang, and T. Lin, "Intrusion detection system based on decision tree over big data in fog environment," Wireless Communications and Mobile Computing, vol. 2018, p. 4680867, 2018.#
[14] E. Besharati, M. Naderan, and E. Namjoo, "LR-HIDS: logistic regression host-based intrusion detection system for cloud environments," Journal of Ambient Intelligence and Humanized Computing, vol. 10, pp. 3669-3692, 2019.#
[15] S. Teng, N. Wu, H. Zhu, L. Teng, and W. Zhang, "SVM-DT-based adaptive and collaborative intrusion detection," IEEE/CAA Journal of Automatica Sinica, vol. 5, pp. 108-118, 2017.#
[16] P. Tao, Z. Sun, and Z. Sun, "An improved intrusion detection algorithm based on GA and SVM," Ieee Access, vol. 6, pp. 13624-13631, 2018.#
[17] A. Khraisat, I. Gondal, P. Vamplew, J. Kamruzzaman, and A. Alazab, "A novel ensemble of hybrid intrusion detection system for detecting internet of things attacks," Electronics, vol. 8, p. 1210, 2019.#
[18] A. Shenfield, D. Day, and A. Ayesh, "Intelligent intrusion detection systems using artificial neural networks," Ict Express, vol. 4, pp. 95-99, 2018.#
[19] M. M. Baig, M. M. Awais, and E.-S. M. El-Alfy, "A multiclass cascade of artificial neural network for network intrusion detection," Journal of Intelligent & Fuzzy Systems, vol. 32, pp. 2875-2883, 2017.#
[20] I. Sumaiya Thaseen, J. Saira Banu, K. Lavanya, M. Rukunuddin Ghalib, and K. Abhishek, "An integrated intrusion detection system using correlation‐based attribute selection and artificial neural network," Transactions on Emerging Telecommunications Technologies, vol. 32, p. e4014, 2021.#
[21] J. Kim, J. Kim, H. Kim, M. Shim, and E. Choi, "CNN-based network intrusion detection against denial-of-service attacks," Electronics, vol. 9, p. 916, 2020.#
[22] M. T. Nguyen and K. Kim, "Genetic convolutional neural network for intrusion detection systems," Future Generation Computer Systems, vol. 113, pp. 418-427, 2020.#
[23] S. A. Althubiti, E. M. Jones, and K. Roy, "LSTM for anomaly-based network intrusion detection," in 2018 28th International telecommunication networks and applications conference (ITNAC), 2018, pp. 1-3.#
[24] A. Chawla, P. Jacob, B. Lee, and S. Fallon, "Bidirectional LSTM autoencoder for sequence based anomaly detection in cyber security," International Journal of Simulation–Systems, Science & Technology, vol. 20, pp. 1-6, 2019.#
[25] M. Amar and B. E. Ouahidi, "Weighted LSTM for intrusion detection and data mining to prevent attacks," International Journal of Data Mining, Modelling and Management, vol. 12, pp. 308-329, 2020.#
[26] S. N. M. Khosroshahi, S. N. Razavi, A. Babazadeh Sangar, and K. Majidzadeh, "Offline Identification of the Author using Heterogeneous Data based on Deep Learning," Computational Intelligence in Electrical Engineering, vol. 13, pp. 115-134, 2022.#
[27] M. A. Khan, M. R. Karim, and Y. Kim, "A scalable and hybrid intrusion detection system based on the convolutional-LSTM network," Symmetry, vol. 11, p. 583, 2019.#
[28] W. Wang, Y. Sheng, J. Wang, X. Zeng, X. Ye, Y. Huang, et al., "HAST-IDS: Learning hierarchical spatial-temporal features using deep neural networks to improve intrusion detection," IEEE access, vol. 6, pp. 1792-1806, 2017.#
[29] J. Zhang, Y. Ling, X. Fu, X. Yang, G. Xiong, and R. Zhang, "Model of the intrusion detection system based on the integration of spatial-temporal features," Computers & Security, vol. 89, p. 101681, 2020.#
[30] P. R. Kanna and P. Santhi, "Unified deep learning approach for efficient intrusion detection system using integrated spatial–temporal features," Knowledge-Based Systems, vol. 226, p. 107132, 2021.#
