Author:
Xu Chenjian,Sun Weirui,Li Mengxue
Abstract
With the rapid evolution of network technologies, network attacks have become increasingly intricate and threatening. The escalating frequency of network intrusions has exerted a profound influence on both industrial settings and everyday activities. This underscores the urgent necessity for robust methods to detect malicious network traffic. While intrusion detection techniques employing Temporal Convolutional Networks (TCN) and Transformer architectures have exhibited commendable classification efficacy, most are confined to the temporal domain. These methods frequently fall short of encompassing the entirety of the frequency spectrum inherent in network data, thereby resulting in information loss. To mitigate this constraint, we present DTT, a novel dual-domain intrusion detection model that amalgamates TCN and Transformer architectures. DTT adeptly captures both high-frequency and low-frequency information, thereby facilitating the simultaneous extraction of local and global features. Specifically, we introduce a dual-domain feature extraction (DFE) block within the model. This block effectively extracts global frequency information and local temporal features through distinct branches, ensuring a comprehensive representation of the data. Moreover, we introduce an input encoding mechanism to transform the input into a format suitable for model training. Experiments conducted on two distinct datasets address concerns regarding data duplication and diverse attack types, respectively. Comparative experiments with recent intrusion detection models unequivocally demonstrate the superior performance of the proposed DTT model.
Publisher
European Alliance for Innovation n.o.
Reference39 articles.
1. PATIL, D.R. and PATTEWAR, T.M. (2022) Majority voting and feature selection based network intrusion detection system. EAI Endorsed Transactions on Scalable Information Systems 9(6): e6. doi: 10.4108/eai.4-4-2022.173780, https://¬publications.eai.eu/¬index.php/¬sis/¬article/¬view/¬350.
2. NOVAES NETO, N., MADNICK, S., DE PAULA, M.G., MALARA BORGES, N. et al. (2021) A case study of the capital one data breach: Why didn’t compliance requirements help prevent it? Journal of Information System Security 17(1): 49–78. http://¬dx.doi.org/¬10.2139/¬ssrn.3542567.
3. PEISERT, S., SCHNEIER, B., OKHRAVI, H., MASSACCI, F., BENZEL, T., LANDWEHR, C., MANNAN, M. et al. (2021) Perspectives on the solarwinds incident. IEEE Security & Privacy 19(2): 7–13. doi: 10.1109/MSEC.2021.3051235.
4. YIN, J., TANG, M., CAO, J., YOU, M., WANG, H. and ALAZAB, M. (2023) Knowledge-driven cybersecurity intelligence: Software vulnerability coexploitation behavior discovery. IEEE Transactions on Industrial Informatics 19(4): 5593–5601. doi: 10.1109/TII.2022.3192027.
5. ZHANG, C., COSTA-PEREZ, X. and PATRAS, P. (2022) Adversarial attacks against deep learning-based network intrusion detection systems and defense mechanisms. IEEE/ACM Transactions on Networking 30(3): 1294–1311. doi: 10.1109/TNET.2021.3137084.