[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ Skip to main content
Log in

An intrusion detection approach based on incremental long short-term memory

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

The notorious attacks of the last few years have propelled cyber security to the top of the boardroom agenda, and raised the level of criticality to new heights. Therefore, building a secure system has become an important issue that cannot be delayed. In this paper, we propose an intrusion detection approach based on incremental long short-term memory to detect attacks. In order to capture the dynamic information of traffic, we introduce increment which is calculated as the product of function and derivative to long short-term memory (LSTM). Furthermore, the state change are applied to LSTM which is considered as incremental LSTM. Finally, we analyzed the effect of the state change on the performance of incremental LSTM by experiments. Experiments show that the intrusion detection method based on incremental LSTM has a higher accuracy than other methods.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price includes VAT (United Kingdom)

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

Data availability

The code used in the current study can be obtained at https://github.com/xiaohuala/intrusion-Detection. The datasets generated during the current study are available from the corresponding author on reasonable request.

References

  1. https://www.securityweek.com/

  2. Sayyar, S., Khan, A., Ullah, F., Anwar, H., Kaleem, Z.,: Enhanced TWOACK based AODV protocol for intrusion detection system. In: 2018 International Conference on Computing, Mathematics and Engineering Technologies (iCoMET), Sukkur, Pakistan, 2018, pp. 1–4

  3. Vinayakumar, R., Alazab, M., Soman, K.P., Poornachandran, P., Al-Nemrat, A., Venkatraman, S.: Deep learning approach for intelligent intrusion detection system. IEEE Access 7, 41525–41550 (2019)

    Article  Google Scholar 

  4. Gao, X., Shan, C., Hu, C., Niu, Z., Liu, Z.: An adaptive ensemble machine learning model for intrusion detection. IEEE Access 7, 82512–82521 (2019)

    Article  Google Scholar 

  5. Liang, W., Li, K.C., Long, J., Kui, X., Zomaya, A.Y.: An industrial network intrusion detection algorithm based on multifeature data clustering optimization model. IEEE Trans. Industr. Inf. 16(3), 2063–2071 (2019)

    Article  Google Scholar 

  6. Li, Z., Xing, W., Khamaiseh, S., Xu, D.: Detecting saturation attacks based on self-similarity of OpenFlow traffic. IEEE Trans. Netw. Serv. Manag. 17(1), 607–621 (2019)

    Article  Google Scholar 

  7. Tao, P., Sun, Z., Sun, Z.: An improved intrusion detection algorithm based on GA and SVM. IEEE Access 6, 13624–13631 (2018)

    Article  Google Scholar 

  8. Li, X., Chen, W., Zhang, Q., Wu, L.: Building auto-encoder intrusion detection system based on random forest feature selection. Comput. Secur. 95, 101851 (2020)

    Article  Google Scholar 

  9. Khan, M.A., Karim, M.R., Kim, Y.: A scalable and hybrid intrusion detection system based on the convolutional-LSTM network. Symmetry 11(4), 583 (2019)

    Article  Google Scholar 

  10. Otter, D.W., Medina, J.R., Kalita, J.K.: A survey of the usages of deep learning for natural language processing. IEEE Transactions Neural Netw. Learn. Syst. 32(2), 604–624 (2020)

    Article  MathSciNet  Google Scholar 

  11. Tian, Z., Luo, C., Qiu, J., Du, X., Guizani, M.: A distributed deep learning system for web attack detection on edge devices. IEEE Trans. Industr. Inf. 16(3), 1963–1971 (2019)

    Article  Google Scholar 

  12. Gurung, S., Ghose, M.K., Subedi, A.: Deep learning approach on network intrusion detection system using NSL-KDD dataset. Int. J. Computer Netw. Inform. Secur. 11(3), 8–14 (2019)

    Google Scholar 

  13. Dong, Y., Wang, R., He, J.: Real-time network intrusion detection system based on deep learning. In 2019 IEEE 10th International Conference on Software Engineering and Service Science (ICSESS) pp. 1–4 IEEE (2019)

  14. Ahmad, Z., Shahid Khan, A., Wai Shiang, C., et al.: Network intrusion detection system: a systematic study of machine learning and deep learning approaches. Transactions Emerg. Telecommun. Technol. 32(1), e4150 (2021)

    Google Scholar 

  15. Groza, B., Murvay, P.S.: Efficient intrusion detection with bloom filtering in controller area networks. IEEE Trans. Inf. Forensics Secur. 14(4), 1037–1051 (2018)

    Article  Google Scholar 

  16. Van Wyk, F., Wang, Y., Khojandi, A., Masoud, N.: Real-time sensor anomaly detection and identification in automated vehicles. IEEE Trans. Intell. Transp. Syst. 21(3), 1264–1276 (2019)

    Google Scholar 

  17. Anwer, H. M., Farouk, M., & Abdel-Hamid, A.: A framework for efficient network anomaly intrusion detection with features selection. In 2018 9th International Conference on Information and Communication Systems (ICICS) pp. 157–162 IEEE (2018)

  18. Yu, T., Wang, X.: Topology verification enabled intrusion detection for in-vehicle CAN-FD networks. IEEE Commun. Lett. 24(1), 227–230 (2019)

    Article  Google Scholar 

  19. Breuel, T. M.: High performance text recognition using a hybrid convolutional-lstm implementation. In 2017 14th IAPR international conference on document analysis and recognition (ICDAR) (Vol. 1, pp. 11–16). IEEE (2017)

  20. Messina, R., & Louradour, J.: Segmentation-free handwritten Chinese text recognition with LSTM-RNN. In 2015 13th International conference on document analysis and recognition (icdar) pp. 171–175. IEEE. (2015)

  21. Song, S., Lan, C., Xing, J., Zeng, W., Liu, J.: Spatio-temporal attention-based LSTM networks for 3D action recognition and detection. IEEE Trans. Image Process. 27(7), 3459–3471 (2018)

    Article  MathSciNet  MATH  Google Scholar 

  22. Mirza, A. H., Cosan, S.: Computer network intrusion detection using sequential LSTM neural networks autoencoders. In 2018 26th signal processing and communications applications conference (SIU) (pp. 1–4) IEEE (2018)

  23. Mighan, S.N., Kahani, M.: A novel scalable intrusion detection system based on deep learning. Int. J. Inf. Secur. 20(3), 387–403 (2021)

    Article  Google Scholar 

  24. Fu, C., Li, Q., Shen, M., et al.: Realtime robust malicious traffic detection via frequency domain analysis. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security. 2021: 3431–3446

  25. Sultana, N., Chilamkurti, N., Peng, W., Alhadad, R.: Survey on SDN based network intrusion detection system using machine learning approaches. Peer-to-Peer Netw. Appl. 12(2), 493–501 (2019)

    Article  Google Scholar 

  26. Zhang, L., Fan, X., Xu, C.: A fusion financial prediction strategy based on RNN and representative pattern discovery. In 2017 18th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT) pp. 92–97. IEEE (2017)

  27. Moustakidis, S., Karlsson, P.: A novel feature extraction methodology using Siamese convolutional neural networks for intrusion detection. Cybersecurity 3(1), 1–13 (2020)

    Article  Google Scholar 

  28. Hochreiter, S., Schmidhuber, J.: Long short-term memory. Neural Comput. 9(8), 1735–1780 (1997)

    Article  Google Scholar 

  29. https://www.tensorflow.org

  30. https://www.unsw.adfa.edu.au/unsw-canberra-cyber/cybersecurity/ADFA-NB15-Datasets/

  31. https://www.unb.ca/cic/datasets/ids-2017.html

  32. Keshk, M., Sitnikova, E., Moustafa, N., Hu, J., Khalil, I.: An integrated framework for privacy-preserving based anomaly detection for cyber-physical systems. IEEE Transactions Sustain. Comput. 6(1), 66–79 (2019)

    Article  Google Scholar 

  33. Zhang, H., Wu, C. Q., Gao, S., Wang, Z., Xu, Y., Liu, Y.: An effective deep learning based scheme for network intrusion detection. In 2018 24th International Conference on Pattern Recognition (ICPR) pp. 682–687. IEEE (2018)

  34. Baig, M.M., Awais, M.M., El-Alfy, E.S.M.: A multiclass cascade of artificial neural network for network intrusion detection. J. Intell. Fuzzy Syst. 32(4), 2875–2883 (2017)

    Article  Google Scholar 

  35. Yang, Y., Zheng, K., Wu, C., Yang, Y.: Improving the classification effectiveness of intrusion detection by using improved conditional variational autoencoder and deep neural network. Sensors 19(11), 2528 (2019)

    Article  Google Scholar 

  36. Binbusayyis, A., Vaiyapuri, T.: Identifying and benchmarking key features for cyber intrusion detection: an ensemble approach. IEEE Access 7, 106495–106513 (2019)

    Article  Google Scholar 

  37. Bansal, A., Kaur, S.: Extreme gradient boosting based tuning for classification in intrusion detection systems. In International conference on advances in computing and data sciences pp. 372–380. Springer, Singapore (2018)

  38. Shi, Z., Li, J., Wu, C., & Li, J.: DeepWindow: an efficient method for online network traffic anomaly detection. In 2019 IEEE 21st International Conference on High Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems (HPCC/SmartCity/DSS) pp. 2403–2408 IEEE. (2019)

  39. Abdulhammed, R., Musafer, H., Alessa, A., Faezipour, M., Abuzneid, A.: Features dimensionality reduction approaches for machine learning based network intrusion detection. Electronics 8(3), 322 (2019)

    Article  Google Scholar 

  40. Azzaoui, H., Boukhamla, A.Z.E., Arroyo, D., Bensayah, A.: Developing new deep-learning model to enhance network intrusion classification. Evol. Syst. 13(1), 17–25 (2022)

    Article  Google Scholar 

  41. Zhang, Y., Chen, X., Guo, D., Song, M., Teng, Y., Wang, X.: PCCN: parallel cross convolutional neural network for abnormal network traffic flows detection in multi-class imbalanced network traffic flows. IEEE Access 7, 119904–119916 (2019)

    Article  Google Scholar 

Download references

Funding

This work was supported in part by the National Key Research and Development Program under Grant 2019YFB1406002, in part by the National Science Foundation of China under Grant 51704138, in part by the Key Scientific Research Project of Liaoning Provincial Department of Education under Grant LZD202002, in part by the Liaoning Education Department under Grant JYT19053, in part by the National Natural Science Foundation of Liaoning under Grant 2020-MS-239, in part by Teaching Reform Project of Liaoning University under Grant JG2020YBXW127.

Author information

Authors and Affiliations

Authors

Corresponding authors

Correspondence to Hong Pan, Guo Wei or Yong Feng.

Ethics declarations

Conflict of interest

The authors have no conflicts of interest to declare that are relevant to the content of this article.

Human and animal rights

The research does not involve human participants and/or animals.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Zhou, H., Kang, L., Pan, H. et al. An intrusion detection approach based on incremental long short-term memory. Int. J. Inf. Secur. 22, 433–446 (2023). https://doi.org/10.1007/s10207-022-00632-4

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-022-00632-4

Keywords

Navigation