A Novel Multimodal-Sequential Approach Based on Multi-View Features for Network Intrusion Detection

He, Hong; Sun, Xiaobing; He, Hongdou; Zhao, Guyu; He, Ligang; Ren, Jiadong

doi:10.1109/access.2019.2959131

Cited by 65 publications

(24 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [3], He et al, proposed a combination of a Multimodal Deep Auto Encoder (MDAE) and an LSTM for conducting anomaly detection. This novel approach was tested on three datasets from 1999 to 2017, namely, NSL-KDD, UNSW-NB15 and CICIDS2017 achieving, for multi-class classification, accuracy scores of 80.20%, 86.20% and 98.60%, respectively.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Intelligent Cyber Attack Detection and Classification for Network-Based Intrusion Detection Systems

Oliveira¹,

Praça²,

Maia³

et al. 2021

Applied Sciences

View full text Add to dashboard Cite

With the latest advances in information and communication technologies, greater amounts of sensitive user and corporate information are shared continuously across the network, making it susceptible to an attack that can compromise data confidentiality, integrity, and availability. Intrusion Detection Systems (IDS) are important security mechanisms that can perform the timely detection of malicious events through the inspection of network traffic or host-based logs. Many machine learning techniques have proven to be successful at conducting anomaly detection throughout the years, but only a few considered the sequential nature of data. This work proposes a sequential approach and evaluates the performance of a Random Forest (RF), a Multi-Layer Perceptron (MLP), and a Long-Short Term Memory (LSTM) on the CIDDS-001 dataset. The resulting performance measures of this particular approach are compared with the ones obtained from a more traditional one, which only considers individual flow information, in order to determine which methodology best suits the concerned scenario. The experimental outcomes suggest that anomaly detection can be better addressed from a sequential perspective. The LSTM is a highly reliable model for acquiring sequential patterns in network traffic data, achieving an accuracy of 99.94% and an f1-score of 91.66%.

show abstract

Section: Related Workmentioning

confidence: 99%

“…The latter, also known as misuse detection, attempts to detect and classify attacks by matching predefined patterns. Although maintaining reasonable levels of false alarm rates, this technique is only suitable for well-known attacks [3]. To overcome this disadvantage, some researchers have developed flexible signature-based NIDS [4,5].…”

Section: Introductionmentioning

confidence: 99%

Intelligent Cyber Attack Detection and Classification for Network-Based Intrusion Detection Systems

Oliveira¹,

Praça²,

Maia³

et al. 2021

Applied Sciences

View full text Add to dashboard Cite

show abstract

“…In the same vein, in He et al [59], authors extracted various levels of features from the network connection (the opposite of traditional long feature vectors) in order to process information more efficiently separately. They also present a multi-modalsequential IDS supported by multi-modal deep auto-encoder and LSTM technologies, which provide the advantage of automatically learning temporal information between connections amongst adjacent networks.…”

Section: Literature Review and Analysismentioning

confidence: 99%

Untitled

2021

JUSPN

View full text Add to dashboard Cite

Reinforcement learning and recurrent networks are two emerging machine-learning paradigms. The first learns the best actions an agent needs to perform to maximize its rewards in a particular environment and the second has the specificity to use an internal state to remember previous analysis results and consider them for the current one. Research into RL and recurrent network has been proven to have made a real contribution to the protection of ubiquitous systems and pervasive networks against intrusions and malwares. In this paper, a systematic review of this research was performed in regard to various attacks and an analysis of the trends and future fields of interest for the RL and recurrent network-based research in network security was complete.

show abstract

“…In [3], He et al, proposed a combination between a Multimodal Deep Auto Encoder (MDAE) and a LSTM for conducting anomaly detection. This novel approach was tested on three datasets from 1999 to 2017, namely, NSL-KDD, UNSW-NB15 and CICIDS2017 achieving, for multi-class classification, accuracy scores of 80.20%, 86.20% and 98.60%, respectively.…”

Section: Related Workmentioning

confidence: 99%

“…The last, also known as misuse detection, attempts to detect and classify attacks by matching predefined patterns. This technique although maintaining reasonable levels of false alarms rates it is only good for well-known attacks [3]. In order to overcome this disadvantage some researchers have developed flexible signature-based NIDS [4,5].…”

Section: Introductionmentioning

confidence: 99%

Intelligent Cyber-Attack Detection and Classification for Network-based Intrusion Detection Systems

Oliveira¹,

Praça²,

Maia³

et al. 2020

Preprint

View full text Add to dashboard Cite

With the latest advances in information and communication technologies, greater amounts of sensitive user and corporate information are constantly shared across the network making it susceptible to an attack that can compromise data confidentiality, integrity and availability. Intrusion Detection Systems (IDS) are important security mechanisms that can perform a timely detection of malicious events through the inspection of network traffic or host-based logs. Throughout the years, many machine learning techniques have proven to be successful at conducting anomaly detection but only a few considered the sequential nature of data. This work proposes a sequential approach and evaluates the performance of a Random Forest (RF), a Multi-Layer Perceptron (MLP) and a Long-Short Term Memory (LSTM) on the CIDDS-001 dataset. The resulting performance measures of this particular approach are compared with the ones obtained from a more traditional one, that only considers individual flow information, in order to determine which methodology best suits the concerned scenario. The experimental outcomes lead to believe that anomaly detection can be better addressed from a sequential perspective and that the LSTM is a very reliable model for acquiring sequential patterns in network traffic data, achieving an accuracy of 99.94% and a f1-score of 91.66%.

show abstract

A Novel Multimodal-Sequential Approach Based on Multi-View Features for Network Intrusion Detection

Cited by 65 publications

References 28 publications

Intelligent Cyber Attack Detection and Classification for Network-Based Intrusion Detection Systems

Intelligent Cyber Attack Detection and Classification for Network-Based Intrusion Detection Systems

Untitled

Intelligent Cyber-Attack Detection and Classification for Network-based Intrusion Detection Systems

Contact Info

Product

Resources

About