An Efficient Intrusion Detection System to Combat Cyber Threats using a Deep Neural Network Model
DOI:
https://doi.org/10.5614/itbj.ict.res.appl.2023.17.3.2Keywords:
artificial deep neural network, correlation tool, DDoS, machine learning, network intrusion detection system, RF-score, XGBoost-scoreAbstract
The proliferation of Internet of Things (IoT) solutions has led to a significant increase in cyber-attacks targeting IoT networks. Securing networks and especially wireless IoT networks against these attacks has become a crucial but challenging task for organizations. Therefore, ensuring the security of wireless IoT networks is of the utmost importance in today?s world. Among various solutions for detecting intruders, there is a growing demand for more effective techniques. This paper introduces a network intrusion detection system (NIDS) based on a deep neural network that utilizes network data features selected through the bagging and boosting methods. The presented NIDS implements both binary and multiclass attack detection models and was evaluated using the KDDCUP 99 and CICDDoS datasets. The experimental results demonstrated that the presented NIDS achieved an impressive accuracy rate of 99.4% while using a minimal number of features. This high level of accuracy makes the presented IDS a valuable tool.
Downloads
References
Ahmed, M., Mahmood, AN. & Hu, J., A Survey of Network Anomaly Detection Techniques, Journal of Network and Computer Applications, 60(1), pp. 19-31, Jan. 2016.
Alazab, J., Abawajy M., Hobbs, R., Layton & Khraisat, A., Crime Toolkits: The Productisation of Cybercrime, IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pp. 1626-1632, 2013.
Lastovicka, M. & Celeda, P., Situational Awareness: Detecting Critical Dependencies and Devices in a Network, In IFIP International Conference on Autonomous Infrastructure, Management and Security, pp. 173-178, 2017.
Gong, Y., Mabu, S., Chen C., Wang Y. & Hirasawa, K., Intrusion Detection System Combining Misuse Detection and Anomaly Detection using Genetic Network Programming, in 2009 ICCAS-SICE IEEE, pp. 3463-3467, 2019.
Hall, J., Barbeau, M. & Kranakis, E., Anomaly-Based Intrusion Detection using Mobility Profiles of Public Transportation Users, IEEE International Conference on Wireless and Mobile Computing, Networking and Communications IEEE, pp. 17-24, 2005.
Lee, J., Moskovic, S. & Silacci, L., A Survey of Intrusion Detection Analysis Methods, University of California, San Diego, pp. 1-9, 1999.
Ektefa, M., Memar, S., Sidi, F. & Affendey, L.S., Intrusion Detection Using Data Mining Techniques, International Conference on Information Retrieval & Knowledge Management (CAMP), pp. 200-203, 2010.
Othman S.M., Ba-Alwi, F.M., Alsohybe, N.T. & Al-Hashida A.Y., Intrusion Detection Model Using Machine Learning Algorithm on Big Data Environment, Journal of Big Data. 5(1), Pp.1-12, Dec 2018.
Althubiti, S.A., Jones, E.M. & Roy, K., LSTM For Anomaly-Based Network Intrusion Detection, in 28th International Telecommunication Networks and Applications Conference (ITNAC), pp. 1-3, 2018.
Buczak, A.L. & Guven, E., A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection, IEEE Communications Surveys & Tutorials, 18(2), pp. 1153-1176, 2015
Chaabouni, N., Mosbah, M., Zemmari, A., Sauvignac, C. & Faruki, P., Network Intrusion Detection for IoT Security Based on Learning Techniques, IEEE Communications Surveys & Tutorials, 21(3), pp. 2671-2701, 2019.
Choudhary, G., Sharma, V., You, I., Yim, K., Chen, R. & Cho, J.H., Intrusion Detection Systems for Networked Unmanned Aerial Vehicles: A Survey, 14th International Wireless Communications & Mobile Computing Conference (IWCMC), pp. 560-565, 2018.
Sharma, V., You, I., Andersson, K., Palmieri, F., Rehmani, M.H. & Lim, J., Security, Privacy and Trust for Smart Mobile-Internet of Things (M-IoT): A Survey, IEEE Access, 8 (1), pp. 167123-167163, Sep. 2020.
Kumar, P., Kumar, R., Gupta, G.P. & Tripathi, R., A Distributed Framework for Detecting DDoS Attacks in Smart Contract?Based Blockchain?Iot Systems by Leveraging Fog Computing, Transactions on Emerging Telecommunications Technologies, 32(6), pp.1-12, Jun. 2020.
Deep, S., Zheng, X., Jolfaei, A., Yu, D., Ostovari, P. & Kashif Bashir, A., A Survey of Security and Privacy Issues in the Internet of Things from the Layered Context, Transactions on Emerging Telecommunications Technologies, pp. 1-22, Feb, 2020.
Shafiq, M., Tian, Z., Bashir, A.K., Du, X. & Guizani, M., Corrauc: A Malicious Bot-IoT Traffic Detection Method in IoT Network Using Machine Learning Techniques, IEEE Internet of Things Journal, 8(5), pp.3242-3254, Jun. 2020.
Shafiq, M., Tian, Z., Bashir, A.K., Du, X. & Guizani, M., IoT Malicious Traffic Identification Using Wrapper-Based Feature Selection Mechanisms, Computers & Security, 94(1), pp. 1-22, Jul. 2020.
Seong, T.B., Ponnusamy, V., Jhanjhi, N.Z., Annur, R. & Talib, M.N., A Comparative Analysis on Traditional Wired Datasets and the Need for Wireless Datasets for IoT Wireless Intrusion Detection, Indonesian Journal of Electrical Engineering and Computer Science, 22(2), 1165-1176, 2021
Vigneswaran, K.R., Vinayakumar, R., Soman, K.P., Poornachandran P., Evaluating Shallow and Deep Neural Networks for Network Intrusion Detection Systems in Cyber Security, 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT), pp. 1-6, 2018.
Alazzam, H., Sharieh, A. & Sabri, K.E., A Feature Selection Algorithm for Intrusion Detection System Based on Pigeon Inspired Optimizer, Expert Systems with Applications, 148, 113249, 2020.
Aboueata, N., Alrasbi, S., Erbad, A., Kassler, A. & Bhamare, D., Supervised Machine Learning Techniques for Efficient Network Intrusion Detection, in 2019 28th International Conference on Computer Communication and Networks (ICCCN), pp. 1-8, IEEE, July 2019
Meftah, S., Rachidi, T. & Assem, N., Network Based Intrusion Detection using The UNSW-NB15 Dataset, International Journal of Computing and Digital Systems, 8(5), pp. 478-487, 2019.
Injadat, M., Moubayed, A., Nassif, A.B. & Shami, A., Multi-Stage Optimized Machine Learning Framework for Network Intrusion Detection, IEEE Transactions on Network and Service Management, 18(2), pp. 1803-1816, 2020.
Gu, J.& Lu, S., An Effective Intrusion Detection Approach using SVM with Nae Bayes Feature Embedding. Computers & Security, 103, 102158. 2021.
Moustafa, N., A New Distributed Architecture for Evaluating AI-Based Security Systems at the Edge: Network TON_IoT Datasets. Sustainable Cities and Society, 72, 102994, 2021.
Disha, R.A. & Waheed, S., Performance Analysis of Machine Learning Models for Intrusion Detection System Using Gini Impurity-Based Weighted Random Forest (GIWRF) Feature Selection Technique, Cybersecurity, 5(1), 1, 2022.
Vigneswaran, K.R., Vinayakumar, R., Soman, K.P. & Poornachandran P., Evaluating Shallow and Deep Neural Networks for Network Intrusion Detection Systems in Cyber Security, 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT), pp. 1-6, 2018.
Gautam, R.K.S. & Doegar. E.A., An Ensemble Approach for Intrusion Detection System Using Machine Learning Algorithms, 8th International Conference on Cloud Computing, Data Science & Engineering (Confluence), pp. 14-15, 2018.
Adeyemo, V.E., Abdullah, A., Jhan Jhi, N.Z., Supramaniam, M. & Balogun, A.O., Ensemble and Deep-Learning Methods for Two-Class and Multi-Attack Anomaly Intrusion Detection: An Empirical Study, International Journal of Advanced Computer Science and Applications, 10(9), pp.520-528, 2019.
Kasongo, S.M. & Sun, Y., A Deep Long Short-Term Memory Based Classifier for Wireless Intrusion Detection System, ICT Express, 6(2), pp. 98-103, Jun. 2020.
Vinayakumar, R., Soman, K.P & Poornachandran, P., Applying Convolutional Neural Network for Network Intrusion Detection, International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp. 1222-1228, 2017.
Yin, H., Xue, M., Xiao, Y., Xia, K. & Yu, G., Intrusion Detection Classification Model on an Improved k-Dependence Bayesian Network, IEEE Access, 7(1), pp. 157555-157563, Oct. 2019.
Song, H. M., Woo, J. & Kim, H.K., In-Vehicle Network Intrusion Detection Using Deep Convolutional Neural Network, Vehicular Communications, 21, pp. 100198- 100210, Jan. 2020.
Ahmad, Z., Shahid Khan, A., Wai Shiang, C., Abdullah, J. & Ahmad, F., Network Intrusion Detection System: A Systematic Study of Machine Learning and Deep Learning Approaches, Transactions on Emerging Telecommunications Technologies, 32(1), pp. 1-29, Jan. 2020
Sapr, S., Ahmadi, P. & Islam, K., A Robust Comparison of the KDD Cup99 and NSL-KDD IoT Network Intrusion Detection Datasets Through Various Machine Learning Algorithms, arXiv Preprint arXiv:1912.13204, pp. 1-8, Dec. 2019.
Vinayakumar, R., Alazab, M., Soman, K., Poornachandran, P., Al-Nemrat A. & Venkatraman, S., Deep Learning Approach for Intelligent Intrusion Detection System, IEEE Access, 7, pp. 41525-41550, Apr. 2019.
Zhang, L., Liu, K., Xie, X., Bai, W., Wu, B. & Dong, P., A Data-Driven Network Intrusion Detection System Using Feature Selection and Deep Learning, Journal of Information Security and Applications, 78, 103606, 2023.
Man, D., Zeng, F., Yang, W., Yu, M., Lv, J. & Wang, Y. Intelligent Intrusion Detection Based on Federated Learning for Edge-Assisted Internet of Things, Security and Communication Networks, 1-11, 2021.
Hamdi, N., Federated Learning-Based Intrusion Detection System for Internet of Things, International Journal of Information Security, 22(6), 1937-1948, 2023.
Bhattacharya, S., Kaluri, R., Singh, S., Alazab, M. & Tariq, U., A Novel PCA-Firefly Based XGBoost Classification Model for Intrusion Detection in Networks Using GPU, Electronics, 9(2), pp. 1-16, Feb. 2020.
Alazzam, H., Sharieh, A. & Sabri, K.E., A Feature Selection Algorithm for Intrusion Detection System Based on Pigeon Inspired Optimizer, Expert Systems with Applications, 148, pp. 1-14, Jun. 2020.
Thaseen, I.S., Chitturi, A.K., Al?Turjman, F., Shankar, A., Ghalib, M.R. & Abhishek, K., An Intelligent Ensemble of Long?Short?Term Memory with Genetic Algorithm for Network Anomaly Identification, Transactions on Emerging Telecommunications Technologies, pp. 1-21, Oct. 2020.
KDD Cup 1999 Data, Intrusion Detection,
http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html (6 June 2021).
DDoS Dataset, https://www.kaggle.com/datasets/devendra416/ddos-datasets (11 Sep 2023)