A Convolutional Neural Network with Hyperparameter Tuning for Packet Payload-Based Network Intrusion Detection-Reference-Cited by-同舟云学术

A Convolutional Neural Network with Hyperparameter Tuning for Packet Payload-Based Network Intrusion Detection

Published:2024-09-04 Issue:9 Volume:16 Page:1151
ISSN:2073-8994
Container-title:Symmetry
language:en
Short-container-title:Symmetry

Author:

Boulaiche Ammar¹^ORCID,Haddad Sofiane²^ORCID,Lemouari Ali¹³

Affiliation:

1. LaRIA Laboratory, Faculty of Exact Sciences and Computer Science, University of Jijel, Jijel 18000, Algeria

2. RE Laboratory, Faculty of Science and Technology, University of Jijel, Jijel 18000, Algeria

3. Faculty of Science and Technology, University of Tamanrasset, Tamanrasset 11000, Algeria

Abstract

In the last few years, the use of convolutional neural networks (CNNs) in intrusion detection domains has attracted more and more attention. However, their results in this domain have not lived up to expectations compared to the results obtained in other domains, such as image classification and video analysis. This is mainly due to the datasets used, which contain preprocessed features that are not compatible with convolutional neural networks, as they do not allow a full exploit of all the information embedded in the original network traffic. With the aim of overcoming these issues, we propose in this paper a new efficient convolutional neural network model for network intrusion detection based on raw traffic data (pcap files) rather than preprocessed data stored in CSV files. The novelty of this paper lies in the proposal of a new method for adapting the raw network traffic data to the most suitable format for CNN models, which allows us to fully exploit the strengths of CNNs in terms of pattern recognition and spatial analysis, leading to more accurate and effective results. Additionally, to further improve its detection performance, the structure and hyperparameters of our proposed CNN-based model are automatically adjusted using the self-adaptive differential evolution (SADE) metaheuristic, in which symmetry plays an essential role in balancing the different phases of the algorithm, so that each phase can contribute in an equal and efficient way to finding optimal solutions. This helps to make the overall performance more robust and efficient when solving optimization problems. The experimental results on three datasets, KDD-99, UNSW-NB15, and CIC-IDS2017, show a strong symmetry between the frequency values implemented in the images built for each network traffic and the different attack classes. This was confirmed by a good predictive accuracy that goes well beyond similar competing models in the literature.

Funder

Algerian Ministry of Higher Education and Scientific Research

Publisher

MDPI AG

Link

https://www.mdpi.com/2073-8994/16/9/1151/pdf

Reference46 articles.

1. Cyber security: State of the art, challenges and future directions;Admass;Cyber Secur. Appl.,2024

2. Kwon, H., Kim, Y., Yoon, H., and Choi, D. (2017). Optimal cluster expansion-based intrusion tolerant system to prevent denial of service attacks. Appl. Sci., 7.

3. Adaptive intrusion tolerant control for a class of uncertain nonlinear cyber-physical systems with full-state constraints;Cuan;Automatica,2024

4. Federated Learning for intrusion detection system: Concepts, challenges and future directions;Agrawal;Comput. Commun.,2022

5. A comprehensive review of AI based intrusion detection system;Sowmya;Meas. Sens.,2023