Deep Learning Model Transposition for Network Intrusion Detection Systems
Companies seek to promote a swift digitalization of their business processes and new disruptive features to gain an advantage over their competitors. This often results in a wider attack surface that may be exposed to exploitation from adversaries. As budgets are thin, one of the most popular securi...
Main Authors: | João Figueiredo, Carlos Serrão, Ana Maria de Almeida |
---|---|
Format: | Article |
Language: | English |
Published: | MDPI AG, 2023-01-01 |
Series: | Electronics |
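Subjects: | network intrusion detection system (NIDS); intrusion detection; anomaly detection; deep learning (DL); long short-term memory (LSTM) |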
Online Access: | https://www.mdpi.com/2079-9292/12/2/293 |
_version_ | 1797443490597044224 |
---|---|
author | João Figueiredo; Carlos Serrão; Ana Maria de Almeida |
collection | DOAJ |
description | Companies seek to promote a swift digitalization of their business processes and new disruptive features to gain an advantage over their competitors. This often results in a wider attack surface that may be exposed to exploitation from adversaries. As budgets are thin, one of the most popular security solutions CISOs choose to invest in is Network-based Intrusion Detection Systems (NIDS). As anomaly-based NIDS work over a baseline of normal and expected activity, one of the key areas of development is the training of deep learning classification models robust enough so that, given a different network context, the system is still capable of high rate accuracy for intrusion detection. In this study, we propose an anomaly-based NIDS using a deep learning stacked-LSTM model with a novel pre-processing technique that gives it context-free features and outperforms most related works, obtaining over 99% accuracy over the CICIDS2017 dataset. This system can also be applied to different environments without losing its accuracy due to its basis on context-free features. Moreover, using synthetic network attacks, it has been shown that this NIDS approach can detect specific categories of attacks. |
first_indexed | 2024-03-09T12:57:46Z |
format | Article |
id | doaj.art-530587522638436f9ff2eeacaf7a2df9 |
institution | Directory Open Access Journal |
issn | 2079-9292 |
language | English |
last_indexed | 2024-03-09T12:57:46Z |
publishDate | 2023-01-01 |
publisher | MDPI AG |
record_format | Article |
series | Electronics |
title | Deep Learning Model Transposition for Network Intrusion Detection Systems |
topic | network intrusion detection system (NIDS); intrusion detection; anomaly detection; deep learning (DL); long short-term memory (LSTM) |
url | https://www.mdpi.com/2079-9292/12/2/293 |