Deep Learning Model Transposition for Network Intrusion Detection Systems

Bibliographic details
Main author: Figueiredo, João
Publication date: 2023
Other authors: Serrão, Carlos; Almeida, Ana Maria de
Document type: Article
Language: eng
Source title: Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
Full text: https://hdl.handle.net/10316/114807
https://doi.org/10.3390/electronics12020293
Abstract: Companies seek to promote a swift digitalization of their business processes and new disruptive features to gain an advantage over their competitors. This often results in a wider attack surface that may be exposed to exploitation from adversaries. As budgets are thin, one of the most popular security solutions CISOs choose to invest in is Network-based Intrusion Detection Systems (NIDS). As anomaly-based NIDS work over a baseline of normal and expected activity, one of the key areas of development is the training of deep learning classification models robust enough so that, given a different network context, the system is still capable of high rate accuracy for intrusion detection. In this study, we propose an anomaly-based NIDS using a deep learning stacked-LSTM model with a novel pre-processing technique that gives it context-free features and outperforms most related works, obtaining over 99% accuracy over the CICIDS2017 dataset. This system can also be applied to different environments without losing its accuracy due to its basis on context-free features. Moreover, using synthetic network attacks, it has been shown that this NIDS approach can detect specific categories of attacks.
id RCAP_8f2c2dec1e584ad50bf86aa96199a40b
oai_identifier_str oai:estudogeral.uc.pt:10316/114807
network_acronym_str RCAP
network_name_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository_id_str https://opendoar.ac.uk/repository/7160
topic network intrusion detection system (NIDS)
intrusion detection
anomaly detection
deep learning (DL)
long short-term memory (LSTM)
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.relation.none.fl_str_mv 2079-9292
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
dc.publisher.none.fl_str_mv MDPI
repository.name.fl_str_mv Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
repository.mail.fl_str_mv info@rcaap.pt