2018 | OriginalPaper | Chapter

SU-IDS: A Semi-supervised and Unsupervised Framework for Network Intrusion Detection

Authors: Erxue Min, Jun Long, Qiang Liu, Jianjing Cui, Zhiping Cai, Junbo Ma

Published in: Cloud Computing and Security

Publisher: Springer International Publishing

Abstract

Network Intrusion Detection Systems (NIDSs) are increasingly crucial due to the expansion of computer networks. Detection techniques based on machine learning have attracted extensive attention for their capability to detect novel attacks. However, they require a large amount of labeled training data to train an effective model, which is difficult and expensive to obtain. To this effect, it is critically important to build models which can learn from unlabeled or partially-labeled data. In this paper, we propose an autoencoder-based framework, i.e., SU-IDS, for semi-supervised and unsupervised network intrusion detection. The framework augments the usual clustering (or classification) loss with an auxiliary loss of autoencoder, and thus achieves a better performance. The experimental results on the classic NSL-KDD dataset and the modern CICIDS2017 dataset show the superiority of our proposed models.

Metadata

Title: SU-IDS: A Semi-supervised and Unsupervised Framework for Network Intrusion Detection
Authors: Erxue Min, Jun Long, Qiang Liu, Jianjing Cui, Zhiping Cai, Junbo Ma
Copyright Year: 2018
DOI: https://doi.org/10.1007/978-3-030-00012-7_30