Intrusion Detection Based on Fusing Deep Neural Networks and Transfer Learning

  • Yingying Xu
  • Zhi LiuEmail author
  • Yanmiao Li
  • Yushuo Zheng
  • Haixia Hou
  • Mingcheng Gao
  • Yongsheng Song
  • Yang Xin
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1181)


Intrusion detection is the key research direction of network security. With the rapid growth of network data and the enrichment of intrusion methods, traditional detection methods can no longer meet the security requirements of the current network environment. In recent years, the rapid development of deep learning technology and its great success in the field of imagery have provided a new solution for network intrusion detection. By visualizing the network data, this paper proposes an intrusion detection method based on deep learning and transfer learning, which transforms the intrusion detection problem into image recognition problem. Specifically, the stream data visualization method is used to present the network data in the form of a grayscale image, and then a deep learning method is introduced to detect the network intrusion according to the texture features in the grayscale image. Finally, transfer learning is introduced to improve the iterative efficiency and adaptability of the model. The experimental results show that the proposed method is more efficient and robust than the mainstream machine learning and deep learning methods, and has better generalization performance, which can detect new intrusion methods more effectively.


Deep learning Intrusion detection Convolutional neural network Transfer learning 



This work was supported in part by the National Key R&D Program (No. 2018YFC0831006 and 2017YFB1400102), the Key Research and Development Plan of Shandong Province (No. 2017CXGC1503 and 2018GSF118228).


  1. 1.
    Buczak, A.L., Guven, E.: A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun. Surv. Tutor. 18(2), 1153–1176 (2016)CrossRefGoogle Scholar
  2. 2.
    Torres, P., Catania, C., Garcia, S., Garino, C.G.: An analysis of recurrent neural networks for botnet detection behavior. In: 2016 IEEE Biennial Congress of Argentina (ARGENCON), pp. 1–6. IEEE, Buenos Aires, June 2016Google Scholar
  3. 3.
    Alrawashdeh, K., Purdy, C.: Toward an online anomaly intrusion detection system based on deep learning. In: 2016 15th IEEE International Conference on Machine Learning and Applications (ICMLA), pp. 195–200. IEEE (2016)Google Scholar
  4. 4.
    Shone, N., Ngoc, T.N., Phai, V.D., Shi, Q.: A deep learning approach to network intrusion detection. IEEE Trans. Emerg. Top. Comput. Intell. 2(1), 41–50 (2018)CrossRefGoogle Scholar
  5. 5.
    Saxe, J., Berlin, K.: eXpose: a character-level convolutional neural network with embeddings for detecting malicious URLs, file paths and registry keys. arXiv preprint arXiv:1702.08568 (2017)
  6. 6.
    Xiao, Y., Xing, C., Zhang, T., Zhao, Z.: An intrusion detection model based on feature reduction and convolutional neural networks. IEEE Access 7, 42210–42219 (2019)CrossRefGoogle Scholar
  7. 7.
    Labonne, M., Olivereau, A., Polvé, B., Zeghlache, D.: A cascade-structured meta-specialists approach for neural network-based intrusion detection. In: 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC), pp. 1–6. IEEE (2019)Google Scholar
  8. 8.
    Kasongo, S.M., Sun, Y.: A deep learning method with filter based feature engineering for wireless intrusion detection system. IEEE Access 7, 38597–38607 (2019)CrossRefGoogle Scholar
  9. 9.
    Staudemeyer, R.C.: Applying long short-term memory recurrent neural networks to intrusion detection. S. Afr. Comput. J. 56(1), 136–154 (2015)Google Scholar
  10. 10.
    Kim, G., Yi, H., Lee, J., Paek, Y., Yoon, S.: LSTM-based system-call language modeling and robust ensemble method for designing host-based intrusion detection systems. arXiv preprint arXiv:1611.01726 (2016)
  11. 11.
    Agarap, A.F.M.: A neural network architecture combining gated recurrent unit (GRU) and support vector machine (SVM) for intrusion detection in network traffic data. In: Proceedings of the 2018 10th International Conference on Machine Learning and Computing, pp. 26–30. ACM (2018)Google Scholar
  12. 12.
    Kolosnjaji, B., Zarras, A., Webster, G., Eckert, C.: Deep learning for classification of malware system call sequences. In: Kang, B.H., Bai, Q. (eds.) AI 2016. LNCS (LNAI), vol. 9992, pp. 137–149. Springer, Cham (2016). Scholar
  13. 13.
    Zhao, G., Zhang, C., Zheng, L.: Intrusion detection using deep belief network and probabilistic neural network. In: 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC), vol. 1, pp. 639–642. IEEE (2017)Google Scholar
  14. 14.
    Gao, N., Gao, L., Gao, Q., Wang, H.: An intrusion detection model based on deep belief networks. In: 2014 Second International Conference on Advanced Cloud and Big Data, pp. 247–252. IEEE (2014)Google Scholar
  15. 15.
    Tan, Q.S., Huang, W., Li, Q.: An intrusion detection method based on DBN in ad hoc networks. In: Wireless Communication and Sensor Network: Proceedings of the International Conference on Wireless Communication and Sensor Network (WCSN 2015), pp. 477–485. World Scientific (2016)Google Scholar
  16. 16.
    Wang, W., Zhu, M., Wang, J., Zeng, X., Yang, Z.: End-to-end encrypted traffic classification with one-dimensional convolution neural networks. In: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 43–48. IEEE (2017)Google Scholar
  17. 17.
    Dubey, S., Dubey, J.: KBB: a hybrid method for intrusion detection. In: 2015 International Conference on Computer, Communication and Control (IC4), pp. 1–6. IEEE (2015)Google Scholar
  18. 18.
    Yin, C., Zhu, Y., Fei, J., He, X.: A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access 5, 21954–21961 (2017)CrossRefGoogle Scholar
  19. 19.
    Al-Qatf, M., Lasheng, Y., Al-Habib, M., Al-Sabahi, K.: Deep learning approach combining sparse autoencoder with SVM for network intrusion detection. IEEE Access 6, 52843–52856 (2018)CrossRefGoogle Scholar
  20. 20.
    Li, Z., Qin, Z., Huang, K., Yang, X., Ye, S.: Intrusion detection using convolutional neural networks for representation learning. In: Liu, D., Xie, S., Li, Y., Zhao, D., El-Alfy, E.-S.M. (eds.) ICONIP 2017. LNCS, vol. 10638, pp. 858–866. Springer, Cham (2017). Scholar
  21. 21.
    Wang, Z.: Deep learning-based intrusion detection with adversaries. IEEE Access 6, 38367–38384 (2018)CrossRefGoogle Scholar
  22. 22.
    LeCun, Y., Bottou, L., Bengio, Y., Haffner, P., et al.: Gradient-based learning applied to document recognition. Proc. IEEE 86(11), 2278–2324 (1998)CrossRefGoogle Scholar
  23. 23.
    Siddique, K., Akhtar, Z., Khan, F.A., Kim, Y.: KDD Cup 99 data sets: a perspective on the role of data sets in network intrusion detection research. Computer 52(2), 41–51 (2019)CrossRefGoogle Scholar
  24. 24.
    Wang, W., et al.: HAST-IDS: learning hierarchical spatial-temporal features using deep neural networks to improve intrusion detection. IEEE Access 6, 1792–1806 (2018)CrossRefGoogle Scholar
  25. 25.
    Srivastava, N., Hinton, G., Krizhevsky, A., Sutskever, I., Salakhutdinov, R.: Dropout: a simple way to prevent neural networks from overfitting. J. Mach. Learn. Res. 15(1), 1929–1958 (2014)MathSciNetzbMATHGoogle Scholar
  26. 26.
    Xin, Y., et al.: Machine learning and deep learning methods for cybersecurity. IEEE Access 6, 35365–35381 (2018)CrossRefGoogle Scholar
  27. 27.
    Weiss, K.R., Khoshgoftaar, T.M.: Analysis of transfer learning performance measures. In: 2017 IEEE International Conference on Information Reuse and Integration (IRI), pp. 338–345. IEEE (2017)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  • Yingying Xu
    • 1
  • Zhi Liu
    • 1
    Email author
  • Yanmiao Li
    • 2
  • Yushuo Zheng
    • 3
  • Haixia Hou
    • 2
  • Mingcheng Gao
    • 2
  • Yongsheng Song
    • 4
  • Yang Xin
    • 2
  1. 1.School of Information Science and EngineeringShandong UniversityQingdaoChina
  2. 2.Center of Information SecurityBeijing University of Posts and TelecommunicationsBeijingChina
  3. 3.High School Attached to Shandong Normal UniversityJinanChina
  4. 4.Kedun Technology Co., Ltd.YantaiChina

Personalised recommendations