A review of neural networks for rare intrusions detection in wireless networks
DOI: https://doi.org/10.54654/isj.v3i20.984
Keywords: Rare attack, intrusion detection, neural network, generative network, wireless network
Abstract — Neural networks have become the most popular approach for detection tasks. They are now widely applied in image processing and in text and signal processing, where they have achieved a certain effectiveness. However, they have not been widely applied in information security and intrusion detection. In particular, there are not many applications of neural networks to rare attacks. In our review, rare attacks are attacks with a low number of instances, or unfamiliar types of security attacks with a low occurrence rate. This is due to a lack of the labeled data required for neural network training and a significant imbalance in the number of samples across data classes. In this article, we research, compare and evaluate current methods for solving these problems, such as data augmentation, data generation via generative networks and class importance control. Additionally, we provide a brief overview of existing datasets for intrusion detection in wireless networks.
License
Proposed Policy for Journals That Offer Open Access
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).