Abstract
In today’s interconnected society, cyberattacks have become more frequent and sophisticated, and existing intrusion detection systems may not be adequate in the complex cyberthreat landscape. For instance, existing intrusion detection systems may have overfitting, low classification accuracy, and high false positive rate (FPR) when faced with significantly large volume and variety of network data. An intrusion detection approach based on improved deep belief network (DBN) is proposed in this paper to mitigate the above problems, where the dataset is processed by probabilistic mass function (PMF) encoding and Min-Max normalization method to simplify the data preprocessing. Furthermore, a combined sparsity penalty term based on Kullback-Leibler (KL) divergence and non-mean Gaussian distribution is introduced in the likelihood function of the unsupervised training phase of DBN, and sparse constraints retrieve the sparse distribution of the dataset, thus avoiding the problem of feature homogeneity and overfitting. Finally, simulation experiments are performed on the NSL-KDD and UNSW-NB15 public datasets. The proposed method achieves 96.17% and 86.49% accuracy, respectively. Experimental results show that compared with the state-of-the-art methods, the proposed method achieves significant improvement in classification accuracy and FPR.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Cyber-Attack Against Ukrainian Critical Infrastructure. [Online]. Available: https://www.us-cert.gov/ics/alerts/IR-ALERT-H-16-056-01 (Accessed Aug 6, 2019)
No municipality paid ransoms in 'coordinated ransomware attack' that hit Texas. [Online]. Available: https://www.zdnet.com/article/no-municipality-paid-ransoms-in-coordinated-ransomware-attack-that-hit-texas/ (Accessed Aug 6, 2019)
Dai Y, Wang G, Li KC (2018) Conceptual alignment deep neural networks[J]. Journal of Intelligent & Fuzzy Systems 34(3):1631–1642
Song H, Jiang Z, Men A, et al. A hybrid semi-supervised anomaly detection model for high-dimensional data[J]. Computational intelligence and neuroscience, 2017, 2017
Zhao Z, Jiao L, Zhao J et al (2017) Discriminant deep belief network for high-resolution SAR image classification[J]. Pattern Recogn 61:686–701
Basu S, Karki M, Ganguly S et al (2017) Learning sparse feature representations using probabilistic quadtrees and deep belief nets[J]. Neural Process Lett 45(3):855–867
Ding Y, Chen S, Xu J. Application of deep belief networks for opcode based malware detection[C]//2016 international joint conference on neural networks (IJCNN). IEEE, 2016: 3901–3908
Zhao G, Zhang C, Zheng L. Intrusion detection using deep belief network and probabilistic neural network[C]//2017 IEEE international conference on computational science and engineering (CSE) and IEEE international conference on embedded and ubiquitous computing (EUC). IEEE, 2017, 1: 639–642
Kaiser J, Zimmerer D, Tieck J C V, et al. Spiking convolutional deep belief networks[C]//international conference on artificial neural networks. Springer, Cham, 2017: 3–11
Koo J, Klabjan D. Improved Classification Based on Deep Belief Networks[J]. arXiv preprint arXiv:1804.09812, 2018
Robert W. Harrison. Continuous restricted Boltzmann machines[J]. Wireless Networks, https://doi.org/10.1007/s11276-018-01903-6. (online: 2018. 12)
Liang W, Li K C, Long J, et al. An industrial network intrusion detection algorithm based on multi-feature data clustering optimization model[J], IEEE transactions on industrial informatics, IEEE. DOI: https://doi.org/10.1109/TII.2019.2946791
Cui Z, Ge SS, Cao Z et al (2015) Analysis of different sparsity methods in constrained RBM for sparse representation in cognitive robotic perception[J]. Journal of Intelligent & Robotic Systems 80(1):121–132
Ji NN, Zhang JS, Zhang CX (2014) A sparse-response deep belief network based on rate distortion theory[J]. Pattern Recogn 47(9):3179–3191
Hu Z, Hu W, Zhang C (2014) Training deep belief network with sparse hidden units[C]//Chinese conference on pattern recognition. Springer, Berlin, Heidelberg, pp 11–20
Chen D, Lv J, Yi Z (2018) Graph regularized restricted Boltzmann machine [J]. IEEE Transactions on Neural Networks & Learning Systems 29(6):2651–2659
Alom M Z, Bontupalli V R, Taha T M. Intrusion detection using deep belief networks[C]//2015 National Aerospace and electronics conference (NAECON). IEEE, 2015: 339–344
Adil S H, Ali S S A, Raza K, et al. An improved intrusion detection approach using synthetic minority over-sampling technique and deep belief networks[C]//SoMeT, 2014: 94–102
Yu L (2018) Research on intrusion detection based on deep confidence network[J]. Computer Science and Application 08(05):687–701
Selvakumar B, Muneeswaran K (2019) Firefly algorithm based feature selection for network intrusion detection[J]. Computers & Security 81:148–155
Chen CLP, Zhang CY, Chen L et al (2015) Fuzzy restricted Boltzmann machine for the enhancement of deep learning[J]. IEEE Trans Fuzzy Syst 23(6):2163–2173
Merino ER, Castrillejo FM, Pin JD (2017) Neighborhood-based stopping criterion for contrastive divergence[J]. IEEE transactions on neural networks and learning systems 29(7):2695–2704
Fatemi M, Granström K, Svensson L et al (2017) Poisson multi-Bernoulli mapping using Gibbs sampling[J]. IEEE Trans Signal Process 65(11):2814–2827
Wang L, Ye P, Xiang J. A modified algorithm based on smoothed L0 norm in compressive sensing signal reconstruction[C]//2018 25th IEEE international conference on image processing (ICIP). IEEE, 2018: 1812–1816
Keyvanrad M A, Homayounpour M M. Normal sparse deep belief network[C]//2015 international joint conference on neural networks (IJCNN). IEEE, 2015: 1–7
Alom M Z, Bontupalli V R, Taha T M. Intrusion detection using deep belief networks[C]//2015 National Aerospace and electronics conference (NAECON). IEEE, 2015: 339–344
Niyaz Q, Sun W, Javaid A Y. A deep learning based DDoS detection system in software-defined networking (SDN) [J]. arXiv preprint arXiv:1611.07400, 2016
Chen P, Han D, Tan F, et al. Reinforcement-based robust variable pitch control of wind turbines[J]. IEEE access, IEEE. DOI: https://doi.org/10.1109/ACCESS.2020.2968853
Rathore S, Saxena A, Manoria M. Intrusion detection system on KDDCup99 dataset: a survey[J]. Int J Comput Sci Inf Tech, 2015
Parsaei MR, Rostami SM, Javidan R (2016) A hybrid data mining approach for intrusion detection on imbalanced NSL-KDD dataset[J]. Int J Adv Comput Sci Appl 7(6):20–25
Khan FA, Gumaei A, Derhab A et al (2019) A novel two-stage deep learning model for efficient network intrusion detection[J]. IEEE Access 7:30373–30385
Moustafa N, Slay J. UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)[C]//2015 military communications and information systems conference (MilCIS). IEEE, 2015: 1–6
Moustafa N, Slay J (2016) The evaluation of network anomaly detection systems: statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set[J]. Information Security Journal: A Global Perspective 25(1–3):18–31
Liang W, Fan Y, Li K C, et al. Secure data storage and recovery in industrial Blockchain network environments[J]. IEEE transactions on industrial informatics, IEEE. DOI:https://doi.org/10.1109/TII.2020.2966069
Dewa Z, Maglaras LA (2016) Data mining and intrusion detection systems[J]. Int J Adv Comput Sci Appl 7(1):62–71
Liang W, Tang M, Long J et al (2019) A secure fabric blockchain-based data transmission technique for industrial internet-of-things[J]. IEEE Transactions on Industrial Informatics 15(6):3582–3592
Li L, Xie L, Li W et al (2018) Improved deep belief networks (IDBN) dynamic model-based detection and mitigation for targeted attacks on heavy-duty robots[J]. Appl Sci 8(5):2076–3417
Liu H, Han D, Li D (2020) Fabric-iot: a Blockchain-based access control system in IoT[J]. IEEE Access 8:18207–18218
Gajera V, Gupta R, Jana P K. An effective multi-objective task scheduling algorithm using min-max normalization in cloud computing[C]//2016 2nd international conference on applied and theoretical computing and communication technology (iCATccT). IEEE, 2016: 812–816
Khemiri H, Petrovska-Delacretaz D. Cohort selection for text-dependent speaker verification score normalization[C]//2016 2nd international conference on advanced Technologies for Signal and Image Processing (ATSIP). IEEE, 2016: 689–692
Li J, Zhao Z, Li R et al (2018) AI-based two-stage intrusion detection for software defined IoT networks[J]. IEEE Internet Things J 6(2):2093–2102
Diro AA, Chilamkurti N (2018) Distributed attack detection scheme using deep learning approach for internet of things[J]. Futur Gener Comput Syst 82:761–768
Yang Y, Zheng K, Wu C et al (2019) Building an effective intrusion detection system using the modified density peak clustering algorithm and deep belief networks[J]. Appl Sci 9(2):238
Djenouri Y, Belhadi A, Lin JCW et al (2019) Adapted k-nearest neighbors for detecting anomalies on spatio–temporal traffic flow[J]. IEEE Access 7:10015–10027
Zhang Y, Li P, Wang X (2019) Intrusion detection for IoT based on improved genetic algorithm and deep belief network[J]. IEEE Access 7:31711–31722
Acknowledgments
This work is supported by the National Natural Science Foundation of China (No. 61672338 and No. 61873160).
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Tian, Q., Han, D., Li, KC. et al. An intrusion detection approach based on improved deep belief network. Appl Intell 50, 3162–3178 (2020). https://doi.org/10.1007/s10489-020-01694-4
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10489-020-01694-4