Author:
Abdelkhalek Ahmed,Mashaly Maggie
Abstract
AbstractNetwork intrusion detection systems (NIDS) are the most common tool used to detect malicious attacks on a network. They help prevent the ever-increasing different attacks and provide better security for the network. NIDS are classified into signature-based and anomaly-based detection. The most common type of NIDS is the anomaly-based NIDS which is based on machine learning models and is able to detect attacks with high accuracy. However, in recent years, NIDS has achieved even better results in detecting already known and novel attacks with the adoption of deep learning models. Benchmark datasets in intrusion detection try to simulate real-network traffic by including more normal traffic samples than the attack samples. This causes the training data to be imbalanced and causes difficulties in detecting certain types of attacks for the NIDS. In this paper, a data resampling technique is proposed based on Adaptive Synthetic (ADASYN) and Tomek Links algorithms in combination with different deep learning models to mitigate the class imbalance problem. The proposed model is evaluated on the benchmark NSL-KDD dataset using accuracy, precision, recall and F-score metrics. The experimental results show that in binary classification, the proposed method improves the performance of the NIDS and outperforms state-of-the-art models with an achieved accuracy of 99.8%. In multi-class classification, the results were also improved, outperforming state-of-the-art models with an achieved accuracy of 99.98%.
Funder
Science and Technology Development Fund
German University in Cairo
Publisher
Springer Science and Business Media LLC
Subject
Hardware and Architecture,Information Systems,Theoretical Computer Science,Software
Reference65 articles.
1. Conti M, Dargahi T, Dehghantanha A (2018) Cyber threat intelligence: challenges and opportunities, pp 1– 6. https://doi.org/10.1007/978-3-319-73951-9_1
2. Faker O, Dogdu E (2019) Intrusion detection using big data and deep learning techniques. In: Proceedings of the 2019 ACM Southeast Conference. ACM SE ’19, pp. 86– 93. Association for Computing Machinery, New York, NY, USA. https://doi.org/10.1145/3299815.3314439
3. Kaur G, Habibi Lashkari A, Rahali A (2020) Intrusion traffic detection and characterization using deep image learning. In: 2020 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), pp 55– 62. https://doi.org/10.1109/DASC-PICom-CBDCom-CyberSciTech49142.2020.00025
4. Internet Security Threat Report. https://docs.broadcom.com/doc/istr-23-2018-en. Accessed: 2022-07-18
5. Cyberattacks now cost companies \$200,000 on average, putting many out of business. https://www.cnbc.com/2019/10/13/cyberattacks-cost-small-companies-200k-putting-many-out-of-business.html. Published:SUN, OCT 13 2019
Cited by
30 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献