A review of neural networks for rare intrusions detection in wireless networks

Authors

  • Vu Viet Thang
  • Dmitry Valerievich Pantiukhin
  • Bui Thi Thanh Quyen
  • Vu Viet Vu

DOI:

https://doi.org/10.54654/isj.v3i20.984

Keywords:

Rare attack, intrusion detection, neural network, generative network, wireless network

Tóm tắt

Abstract — Neural networks have become the most popular approach for detecting tasks. Currently, neural networks have been strongly applied in the fields of image processing, text and signal processing and have achieved certain effectiveness. However, they have not been widely applied in information security and intrusion detection. Especially, there are no much applications of neural network about rare attacks. In our review, the rare attacks are attacks with a low number of instances or unfamiliar types of security attacks with a low occurrence rate. This is due to a lack of labeled data required for neural networks training and a significant imbalance in the number of different data classes. In this article, we have researched, compared and evaluated current methods for solving problems such as data augmentation, data generation via generative networks and classing importance control.  Additionally, we will also provide a brief overview of existing datasets for intrusion detection in wireless networks.

Downloads

Download data is not yet available.

References

Erlacher and F. Dressler, "FIXIDS: A high-speed signature-based flow intrusion detection system," NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium, Taipei, 2018, pp. 1-8. doi: 10.1109/NOMS.2018.8406247.

S. T. Eckmann, G. Vigna, R. A. Kemmerer, “STATL: An attack language for state-based intrusion detection,” in Journal of Computer Security, vol. 10, № 1-2, pp. 71-103, 2002.

S. Roschke, F. Cheng and C. Meinel, "High-quality attack graph-based IDS correlation," in Logic Journal of the IGPL, vol. 21, no. 4, pp. 571-591, Aug. 2013. doi: 10.1093/jigpal/jzs034.

B. Peralta, A. Saavedra and L. Caro, "A proposal for mixture of experts with entropic regularization," 2017 XLIII Latin American Computer Conference (CLEI), Cordoba, 2017, pp. 1-9. doi: 10.1109/CLEI.2017.8226425.

S. Mukkamala, A. H. Sung, A. Abraham, “Intrusion detection using an ensemble of intelligent paradigms,”in Journal of Network and Computer Applications, vol. 28, .№ 2, pp. 167-182, 2005.

I. Ahmad, M. Basheri, M. J. Iqbal and A. Rahim, "Performance Comparison of Support Vector Machine, Random Forest, and Extreme Learning Machine for Intrusion Detection," in IEEE Access, vol. 6, pp. 33789-33795, 2018. doi: 10.1109/ACCESS.2018.2841987.

W. Anani and J. Samarabandu, "Comparison of Recurrent Neural Network Algorithms for Intrusion Detection Based on Predicting Packet Sequences," 2018 IEEE Canadian Conference on Electrical & Computer Engineering (CCECE), Quebec, QC, Canada, 2018, pp. 1-4. doi: 10.1109/CCECE.2018.8447793.

Dung, N. T., Quân, N. V., & Hùng, N. V. (2023). Application of deep learning model in network reconnaissance attack detection. Journal of Science and Technology on Information Security, 2(16), 60-72.

Tavallaee M, Bagheri E, Lu W, Ghorbani AA (2009) A detailed analysis of the kdd cup 99 data set. In: Proceedings of the Second IEEE international conference on Computational intelligence for security and defense applications, IEEE Press, Piscataway, NJ, USA, CISDA'09, pp 53 – 58.

J. Song, H. Takakura, Y. Okabe, M. Eto, D. Inoue and K. Nakao. Statistical analysis of honeypot data and building of Kyoto 2006+ dataset for NIDS evaluation, Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, pp. 29-36, 2011.

P. Gogoi, M. H. Bhuyan, D. K. Bhattacharyya and J. K. Kalita. Packet and flow based network intrusion dataset. International Conference on Contemporary Computing, pp. 322-334, 2012.

Hyunsung Lee, Seong Hoon Jeong and Huy Kang Kim, "OTIDS: A Novel Intrusion Detection System for In-vehicle Network by using Remote Frame", PST (Privacy, Security and Trust) 2017.

Damasevicius, R.; Venckauskas, A.; Grigaliunas, S.; Toldinas, J.; Morkevicius, N.; Aleliunas, T.; Smuikys, P. LITNET-2020: An Annotated Real-World Network Flow Dataset for Network Intrusion Detection. Electronics 2020, 9, 800. https://doi.org/10.3390/electronics9050800.

C. Kolias, G. Kambourakis, A. Stavrou and S. Gritzalis, "Intrusion Detection in 802.11 Networks: Empirical Evaluation of Threats and a Public Dataset," in IEEE Communications Surveys & Tutorials, vol. 18, no. 1, pp. 184-208, Firstquarter 2016, doi: 10.1109/COMST.2015.2402161.

Iman Almomani, Bassam Al-Kasasbeh, Mousa AL-Akhras, "WSN-DS: A Dataset for Intrusion Detection Systems in Wireless Sensor Networks", Journal of Sensors, vol. 2016, Article ID 4731953, 16 pages, 2016. https://doi.org/10.1155/2016/4731953.

Hyunjae Kang, Dong Hyun Ahn, Gyung Min Lee, Jeong Do Yoo, Kyung Ho Park, and Huy Kang Kim, "IoT Network Intrusion Dataset.", http://ocslab.hksecurity.net/Datasets/iot-network-intrusion-dataset, 2019.

Neto, E.C.P.; Dadkhah, S.; Ferreira, R.; Zohourian, A.; Lu, R.; Ghorbani, A.A. CICIoT2023: A Real-Time Dataset and Benchmark for Large-Scale Attacks in IoT Environment. Sensors 2023, 23, 5941. https://doi.org/10.3390/s23135941.

M. Ring. A Survey of Network-based Intrusion Detection Data Sets. arXiv preprint arXiv:1903.02460, 2019.

Pantiukhin D.V, Karelova E. Improving of intrusion classification rate by convolution neural network using training set // Information Technology – 2018. – V. 24. – N 6. – P. 406-413 [in Russian].

Yan, G. Han, and Y. Huang, ``New traffic classification method for imbalanced network data,'' J. Comput. Appl., vol. 38, no. 1, pp. 20-25, 2018.

K. Jiang, W. Wang, A. Wang and H. Wu, "Network Intrusion Detection Combined Hybrid Sampling With Deep Hierarchical Network," in IEEE Access, vol. 8, pp. 32464-32476, 2020, doi: 10.1109/ACCESS.2020.2973730.

Liu, L., Wang, P., Lin, J., & Liu, L. (2020). Intrusion detection of imbalanced network traffic based on machine learning and deep learning. IEEE Access, 9, 7550-7563.

Vu L., Bui C. T., Nguyen Q. U. A deep learning based method for handling imbalanced problem in network traffic classification //Proceedings of the Eighth International Symposium on Information and Communication Technology. – 2017. – С. 333-339.

Chen, Hongyu, and Li Jiang. "Efficient GAN-based method for cyber-intrusion detection." arXiv preprint arXiv:1904.02426 (2019).

Mari, A.-G.; Zinca, D.; Dobrota, V. Development of a Machine-Learning Intrusion Detection System and Testing of Its Performance Using a Generative Adversarial Network. Sensors 2023, 23, 1315.

Open Source IDS Tools: Comparing Suricata, Snort, Bro (Zeek), Linux, May 2021. [Online]. Available: https://cybersecurity.att.com/blogs/security-essentials/open-source-intrusion-detection-tools-a-quick-overview.

Snoort, October 2005. [Online]. Available: h http://www.thg.ru/network/20051020/index.html.

Base Project, October 2013. [Online]. Available: http://sourceforge.net/projects/secureideas/.

IDS/IPS Suricata, June, 2015. [Online]. Available: https://xakep.ru/2015/06/28/suricata-ids-ips-197/.

Suricata, Snort and Zeek: 3 Open Source Technologies for Securing Modern Networks, 2021. [Online]. Available: https://bricata.com/blog/snort-suricata-bro-ids/.

Downloads

Abstract views: 257 / PDF downloads: 54

Published

2023-12-29

How to Cite

Thang, V. V., Pantiukhin, D. V. ., Quyen, B. T. T. ., & Vu, V. V. (2023). A review of neural networks for rare intrusions detection in wireless networks. Journal of Science and Technology on Information Security, 3(20), 23-34. https://doi.org/10.54654/isj.v3i20.984

Issue

Section

Papers