HCRNNIDS: Hybrid Convolutional Recurrent Neural Network-Based Network Intrusion Detection System

Khan, Muhammad Ashfaq

doi:10.3390/pr9050834

Cited by 184 publications

(86 citation statements)

References 64 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Koroniotis et al [83] proposed the Bot-IoT as a new dataset for comparing IoT environments with previous datasets, which uses the MQTT protocol as a lightweight communication protocol. The Bot-IoT dataset has more than 72,000.000 records [84].…”

Section: Iot Traffic-based Dataset (Bot-iot Dataset)mentioning

confidence: 99%

A Survey of Intrusion Detection Using Deep Learning in Internet of Things

Farhan

Jasim

2022

ijcsm

View full text Add to dashboard Cite

The use of deep learning in various models is a powerful tool in detecting IoT attacks, identifying new types of intrusion to access a better secure network. Need to developing an intrusion detection system to detect and classify attacks in appropriate time and automated manner increases especially due to the use of IoT and the nature of its data that causes increasing in attacks. Malicious attacks are continuously changing, that cause new attacks. In this paper we present a survey about the detection of anomalies, thus intrusion detection by distinguishing between normal behavior and malicious behavior while analyzing network traffic to discover new attacks. This paper surveys previous researches by evaluating their performance through two categories of new datasets of real traffic are (CSE-CIC-IDS2018 dataset, Bot-IoT dataset). To evaluate the performance we show accuracy measurement for detect intrusion in different systems.

show abstract

Section: Iot Traffic-based Dataset (Bot-iot Dataset)mentioning

confidence: 99%

A Survey of Intrusion Detection Using Deep Learning in Internet of Things

Farhan

Jasim

2022

ijcsm

View full text Add to dashboard Cite

show abstract

“…Andresini et al [9] proposed a new intrusion detection method, this method analyzes the flow-based characteristics of network traffic data and it learns the intrusion detection model by using the deep metric learning method that originally combined the autoencoder and the triplet network. Khan et al [10]…”

Section: Related Workmentioning

confidence: 99%

Application of Weighted Cross-Entropy Loss Function in Intrusion Detection

Zhou¹,

Huang²,

Fang³

2021

JCC

View full text Add to dashboard Cite

“…We use a more sophisticated model in terms of stacked recurrent layers and embeddings for more input features, which results in higher detection rates, as demonstrated in see Section 8. The HCRNNIDS model by Kahn provides an interesting adaption of hybrid convolutional recurrent networks typically used in video modelling for intrusion detection [36] with promising results. In comparison to CBAM, this model is applied to individual flow features rather than flow sequences, and is trained as a classifier rather than an anomaly-detection model.…”

Section: Related Workmentioning

confidence: 99%

CBAM: A Contextual Model for Network Anomaly Detection

2021

View full text Add to dashboard Cite

Anomaly-based intrusion detection methods aim to combat the increasing rate of zero-day attacks, however, their success is currently restricted to the detection of high-volume attacks using aggregated traffic features. Recent evaluations show that the current anomaly-based network intrusion detection methods fail to reliably detect remote access attacks. These are smaller in volume and often only stand out when compared to their surroundings. Currently, anomaly methods try to detect access attack events mainly as point anomalies and neglect the context they appear in. We present and examine a contextual bidirectional anomaly model (CBAM) based on deep LSTM-networks that is specifically designed to detect such attacks as contextual network anomalies. The model efficiently learns short-term sequential patterns in network flows as conditional event probabilities. Access attacks frequently break these patterns when exploiting vulnerabilities, and can thus be detected as contextual anomalies. We evaluated CBAM on an assembly of three datasets that provide both representative network access attacks, real-life traffic over a long timespan, and traffic from a real-world red-team attack. We contend that this assembly is closer to a potential deployment environment than current NIDS benchmark datasets. We show that, by building a deep model, we are able to reduce the false positive rate to 0.16% while effectively detecting six out of seven access attacks, which is significantly lower than the operational range of other methods. We further demonstrate that short-term flow structures remain stable over long periods of time, making the CBAM robust against concept drift.

show abstract

HCRNNIDS: Hybrid Convolutional Recurrent Neural Network-Based Network Intrusion Detection System

Cited by 184 publications

References 64 publications

A Survey of Intrusion Detection Using Deep Learning in Internet of Things

A Survey of Intrusion Detection Using Deep Learning in Internet of Things

Application of Weighted Cross-Entropy Loss Function in Intrusion Detection

CBAM: A Contextual Model for Network Anomaly Detection

Contact Info

Product

Resources

About