Design and implementation of intrusion detection system using convolutional neural network for DoS detection

Nguyen, Sinh-Ngoc; Nguyen, Van-Quyet; Choi, Jintae; Kim, Kyungbaek

doi:10.1145/3184066.3184089

Cited by 48 publications

(29 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Due to the capacity of learning features automatically by deep learning, researchers apply deep learning to intrusion detection to resolve the characteristic dependence problem mentioned above. Nguyen et al [19] [20] modeled network traffic as time-series, in a predefined time range with supervised learning methods.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A Worm Detection System Based on Deep Learning

Zhou

Yang

et al. 2020

IEEE Access

View full text Add to dashboard Cite

In today's cyber world, worms pose a great threat to the global network infrastructure. In this paper, we propose a worm detection system based on deep learning. It includes two main modules: one worm detection module based on a convolutional neural network (CNN) and one automatic worm signature generation module based on a deep neural network (DNN). In the CNN-based worm detection module, we propose three kinds of data preprocessing methods: frequency processing, frequency weighted processing, and difference processing, and use CNN to train the model for worm detection. In the DNN-based worm signature generation module, there are two phrase:DNN is firstly utilized for training the model with worm payloads and their corresponding signatures as input in the training phrase. After worm payloads are fed into the trained DNN model in the test phrase, worm signatures are generated by our proposed Signature Beam Search algorithm. In the experiment, we firstly analyzed the impact of different data preprocessing methods and the number of convolution-pooling layers in the CNN model on the worm detection performance. Then we analyzed the effects of different signatures in the DNN algorithm on the automatic generation of worm signatures. Experiments show that the generated signatures have a good detection performance.

show abstract

Section: Related Workmentioning

confidence: 99%

“…Precision is defined as (19), which is the fraction of relevant samples between the retrieved samples:…”

Section: A Cnn-based Worm Detectionmentioning

confidence: 99%

A Worm Detection System Based on Deep Learning

Zhou

Yang

et al. 2020

IEEE Access

View full text Add to dashboard Cite

show abstract

“…IDS can be compared with a spam filter, which raises an alarm if specific things occur. 5,6 Elsewhere, Gaspar et al 7 reviewed the strategies used to improve the classification performance in term of accuracy of support vector machines (SVMs) and performed some experiments to study the influence of features and hyperparameters in the optimization process, using kernels function. Huang et al provided a study on the joint optimization of C and g parameters (using the RBF kernel), and feature selection using grid search and genetic algorithms.…”

Section: Introductionmentioning

confidence: 99%

“…In other words, IDS is a device, typically a designated computer system, which monitors the activity to identify malicious or suspicious alerts. IDS can be compared with a spam filter, which raises an alarm if specific things occur 5,6 …”

Section: Introductionmentioning

confidence: 99%

Design network intrusion detection system using support vector machine

Ajdani

Ghaffary

2020

Int J Communication

View full text Add to dashboard Cite

Summary The growing use of the Internet and the existence of vulnerable points in networks have made the usage of intrusion detection systems as one of the most important security elements. This study aimed to present a method to design an analytical framework of detecting destructive data with respect to three factors including time, users' information, and scale. The design can be applied for big data. In the proposed method, to train data, the time has been divided into subperiods exploiting users' review information during each period of time, and the data have been trained. Also, storing methods have been applied for scalability to enhance the speed and reduce the volume of computations. The method used in this study is a combination of hardware‐software method to detect destructive data to cluster them (VIRUS TOTAL Dataset). Also, the proposed method applied a new algorithm of modified vector machine, and the efficiency of the algorithm has promoted support vector machine (SVM), designed to operate better than previous methods. The results showed that the proposed method is more acceptable than other previous methods. The results indicated that the method works with the accuracy of 0.97 which can be fairly accepted.

show abstract

“…For specific types of attacks, such as DOS [74][75][76][77][78][79], botnet [80], and phishing web [81], proper feature must be extracted according to the attack characteristics that can be abstracted using domain knowledge.…”

mentioning

confidence: 99%

Machine Learning and Deep Learning Methods for Intrusion Detection Systems: A Survey

2019

View full text Add to dashboard Cite

Networks play important roles in modern life, and cyber security has become a vital research area. An intrusion detection system (IDS) which is an important cyber security technique, monitors the state of software and hardware running in the network. Despite decades of development, existing IDSs still face challenges in improving the detection accuracy, reducing the false alarm rate and detecting unknown attacks. To solve the above problems, many researchers have focused on developing IDSs that capitalize on machine learning methods. Machine learning methods can automatically discover the essential differences between normal data and abnormal data with high accuracy. In addition, machine learning methods have strong generalizability, so they are also able to detect unknown attacks. Deep learning is a branch of machine learning, whose performance is remarkable and has become a research hotspot. This survey proposes a taxonomy of IDS that takes data objects as the main dimension to classify and summarize machine learning-based and deep learning-based IDS literature. We believe that this type of taxonomy framework is fit for cyber security researchers. The survey first clarifies the concept and taxonomy of IDSs. Then, the machine learning algorithms frequently used in IDSs, metrics, and benchmark datasets are introduced. Next, combined with the representative literature, we take the proposed taxonomic system as a baseline and explain how to solve key IDS issues with machine learning and deep learning techniques. Finally, challenges and future developments are discussed by reviewing recent representative studies.

show abstract

Design and implementation of intrusion detection system using convolutional neural network for DoS detection

Cited by 48 publications

References 9 publications

A Worm Detection System Based on Deep Learning

A Worm Detection System Based on Deep Learning

Design network intrusion detection system using support vector machine

Machine Learning and Deep Learning Methods for Intrusion Detection Systems: A Survey

Contact Info

Product

Resources

About