An effective technique for detecting minority attacks in NIDS using deep learning and sampling approach

Anomaly-based intrusion detection system have been consistently used in business organizations and military to detect a breach in network by identifying any activity that deviates from the baseline pattern. In this paper, we propose an effective intrusion detection technique to identify and predict...

Full description

Bibliographic Details
Main Authors: R. Harini, N. Maheswari, Sannasi Ganapathy, M. Sivagami
Format: Article
Language:English
Published: Elsevier 2023-09-01
Series:Alexandria Engineering Journal
Subjects:
Online Access:http://www.sciencedirect.com/science/article/pii/S1110016823006531
Description
Summary:Anomaly-based intrusion detection system have been consistently used in business organizations and military to detect a breach in network by identifying any activity that deviates from the baseline pattern. In this paper, we propose an effective intrusion detection technique to identify and predict the minority attacks with three layers. Here, the first layer utilizes a Weighted Deep Neural Network (WDNN) for identifying the suspicious traffic samples in network and it is passed to the second layer. Layer 2 classifies the traffic samples as normal or majority and minority attacks using Convolutional Neural Network (CNN) and Long-Short Term Memory (LSTM). Any traffic sample classified as minority attack is sent to Layer 3 that utilizes XGBoost algorithm. Layer 3 classifies the samples into their respective minority attack classes. To boost the detection rate of minority attacks, system employs a One-Sided Selection under-sampling algorithm to remove noisy samples from the majority attack classes. An Adaptive Synthetic (ADASYN) oversampling algorithm generates synthetic samples of minority attack classes. To evaluate the system, the datasets namely NSL KDD, CICIDS-2017 and CIDDS 001 dataset are used. The system attained an overall accuracy of 97.94% on NSL KDD dataset, 98.3% on CICIDS-2017 dataset and 97.9% on CIDDS 001 dataset.
ISSN:1110-0168