Skip to main content
SpringerLink
Log in

A Comparison of Neural Network Approaches for Network Intrusion Detection

  • Conference paper
  • First Online:
Artificial Intelligence and Applied Mathematics in Engineering Problems (ICAIAME 2019)

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies ((LNDECT,volume 43))

  • 1640 Accesses

Abstract

Nowadays, network intrusion detection is an important area of research in computer network security, and the use of artificial neural networks (ANNs) have become increasingly popular in this field. Despite this, the research concerning comparison of artificial neural network architectures in the network intrusion detection is a relatively insufficient. To make up for this lack, this study aims to examine the neural network architectures in network intrusion detection to determine which architecture performs best, and to examine the effects of the architectural components, such as optimization functions, activation functions, learning momentum on the performance. For this purpose, 6480 neural networks were generated, their performances were evaluated by conducting a series of experiments on KDD99 dataset, and the results were reported. This study will be a useful reference to researchers and practitioners hoping to use ANNs in network intrusion detection.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Kuok, C.M., Fu, A., Wong, M.H.: Mining fuzzy association rules in databases. ACM SIGMOD Rec. 27(1), 41–46 (1998). https://doi.org/10.1145/273244.273257. 00653

    Article  Google Scholar 

  2. Dickerson, J.E., Dickerson, J.A.: Fuzzy network profiling for intrusion detection. In: PeachFuzz 2000. 19th International Conference of the North American Fuzzy Information Processing Society - NAFIPS (Cat. No.00TH8500). 00330, Atlanta, GA, USA, pp. 301–306. IEEE (2000). https://doi.org/10.1109/NAFIPS.2000.877441. ISBN: 978-0-7803-6274-1

  3. Tajbakhsh, A., Rahmati, M., Mirzaei, A.: Intrusion detection using fuzzy association rules. Appl. Soft Comput. 9(2), 462–469 (2009). https://doi.org/10.1016/j.asoc.2008.06.001. 00238

    Article  Google Scholar 

  4. Saniee Abadeh, M., Habibi, J., Lucas, C.: Intrusion detection using a fuzzy genetics-based learning algorithm. J. Netw. Comput. Appl. 30(1), 414–428 (2007). https://doi.org/10.1016/j.jnca.2005.05.002. 00200

    Article  Google Scholar 

  5. Kim, J., Bentley, P.J.: Towards an artificial immune system for network intrusion detection: an investigation of clonal selection with a negative selection operator. In: Proceedings of the 2001 Congress on Evolutionary Computation (IEEE Cat. No.01TH8546), vol. 2. 00361, Seoul, South Korea, pp. 1244–1252. IEEE (2001). https://doi.org/10.1109/CEC.2001.934333. ISBN: 978-0-7803-6657-2

  6. Toosi, A.N., Kahani, M.: A new approach to intrusion detection based on an evolutionary soft computing model using neuro-fuzzy classifiers. Comput. Commun. 30(10), 2201–2212 (2007). https://doi.org/10.1016/j.comcom.2007.05.002. 00251

    Article  Google Scholar 

  7. Dasgupta, D., Gonzalez, F.: An immunity-based technique to characterize intrusions in computer networks. IEEE Trans. Evol. Comput. 6(3), 281–291 (2002). https://doi.org/10.1109/TEVC.2002.1011541. 00505

    Article  Google Scholar 

  8. Mukkamala, S., Janoski, G., Sung, A.: Intrusion detection using neural networks and support vector machines. In: Proceedings of the 2002 International Joint Conference on Neural Networks, IJCNN 2002 (Cat. No.02CH37290). 00802, Honolulu, HI, USA, pp. 1702–1707. IEEE (2002). https://doi.org/10.1109/IJCNN.2002.1007774. ISBN: 978-0-7803-7278-8

  9. Sung, A.H., Mukkamala, S.: Identifying important features for intrusion detection using support vector machines and neural networks. In: Proceedings of the 2003 Symposium on Applications and the Internet (SAINT 2003). 00483, Orlando, FL, USA, pp. 209–216. IEEE Computer Society (2003). https://doi.org/10.1109/SAINT.2003.1183050. ISBN: 978-0-7695-1872-5

  10. Chen, W.-H., Hsu, S.-H., Shen, H.-P.: Application of SVM and ANN for intrusion detection. Comput. Oper. Res. 32(10), 2617–2634 (2005). https://doi.org/10.1016/j.cor.2004.03.019. 00308

    Article  MATH  Google Scholar 

  11. Deng, H., Zeng, Q.-A., Agrawal, D.P.: SVM-based intrusion detection system for wireless ad hoc networks. In: 2003 IEEE 58th Vehicular Technology Conference, VTC 2003-Fall (IEEE Cat. No.03CH37484), vol. 3. 00111, Orlando, FL, USA, pp. 2147–2151. IEEE (2003). https://doi.org/10.1109/VETECF.2003.1285404. ISBN: 978-0-7803-7954-1

  12. Liao, Y., Vemuri, V.R.: Use of K-nearest neighbor classifier for intrusion detection. Comput. Secur. 21(5), 439–448 (2002). https://doi.org/10.1016/S0167-4048(02)00514-X. 00000

    Article  Google Scholar 

  13. Li, Y., Guo, L.: An active learning based TCM-KNN algorithm for supervised network intrusion detection. Comput. Secur. 26(7–8), 459–467 (2007). https://doi.org/10.1016/j.cose.2007.10.002. 00123

    Article  Google Scholar 

  14. Stein, G., et al.: Decision tree classifier for network intrusion detection with GA-based feature selection. In: Proceedings of the 43rd Annual Southeast Regional Conference on - ACM-SE 43, vol. 2. 00232, Kennesaw, Georgia, p. 136. ACM Press (2005). https://doi.org/10.1145/1167253.1167288. ISBN: 978-1-59593-059-0

  15. Aburomman, A.A., Reaz, M.B.I.: A novel SVMkNN- PSO ensemble method for intrusion detection system. Appl. Soft Comput. 38, 360–372 (2016). https://doi.org/10.1016/j.asoc.2015.10.011. 00121

    Article  Google Scholar 

  16. Öney, M.U., Peker, S.: The use of artificial neural networks in network intrusion detection: a systematic review. In: 2018 International Conference on Artificial Intelligence and Data Processing (IDAP). 00000, pp. 1–6. IEEE (2018)

    Google Scholar 

  17. Kwon, D., et al.: A survey of deep learning-based network anomaly detection. Clust. Comput., 1–13 (2017)

    Google Scholar 

  18. Denning, D.E.: An intrusion-detection model. IEEE Trans. Softw. Eng. 2, 222–232 (1987). https://doi.org/10.1109/TSE.1987.232894. 04895

    Article  Google Scholar 

  19. Debar, H., Becker, M., Siboni, D.: A neural network component for an intrusion detection system. In: IEEE Symposium on Security and Privacy. 00727, pp. 240–250 (1992)

    Google Scholar 

  20. Cahyo, A.N., Hidayat, R., Adhipta, D.: Performance comparison of intrusion detection system based anomaly detection using artificial neural network and support vector machine. In: Proceedings of the 12th International Conference on Synchrotron Radiation Instrumentation – SRI 2015. 00002, New York, NY, USA, p. 070011 (2016). https://doi.org/10.1063/1.4958506

  21. Shrivas, A.K., Dewangan, A.K.: An ensemble model for classification of attacks with feature selection based on KDD99 and NSL-KDD data set. Int. J. Comput. Appl. 99(15), 8–13 (2014). 00026

    Google Scholar 

  22. Tang, T.A., et al.: Deep learning approach for network intrusion detection in software defined networking. In: 2016 International Conference on Wireless Networks and Mobile Communications (WINCOM). 00082, Fez, Morocco, pp. 258–263. IEEE, October 2016. https://doi.org/10.1109/WINCOM.2016.7777224. ISBN: 978-1-5090-3837-4

  23. Dong, B., Wang, X.: Comparison deep learning method to traditional methods using for network intrusion detection. In: Proceedings of the IEEE ICCSN. 00031, pp. 581–585 (2016)

    Google Scholar 

  24. Aminanto, M.E., Kim, K.: Deep learning-based feature selection for intrusion detection system in transport layer (2016). 00002

    Google Scholar 

  25. Javaid, A., et al.: A deep learning approach for network intrusion detection system. In: Proceedings of the 9th EAI International Conference on Bio-Inspired Information and Communications Technologies (Formerly BIONETICS). 00118, New York City, United States. ACM (2016). https://doi.org/10.4108/eai.3-12-2015.2262516. ISBN: 978-1-63190-100-3

  26. Chiba, Z., et al.: A novel architecture combined with optimal parameters for back propagation neural networks applied to anomaly network intrusion detection. Comput. Secur. 75(00001), 36–58 (2018). https://doi.org/10.1016/j.cose.2018.01.023. 00001

    Article  Google Scholar 

  27. Kim, J., Le, T.-T.-H., Kim, H.: An effective intrusion detection classifier using long short-term memory with gradient descent optimization. In: International Conference on Platform Technology and Service (2017)

    Google Scholar 

  28. Sibi, P., Allwyn Jones, S., Siddarth, P.: Analysis of different activation functions using back propagation neural networks. J. Theor. Appl. Inf. Technol. 47, 5 (2005). 00105

    Google Scholar 

  29. Chandra, P., Singh, Y.: An activation function adapting training algorithm for sigmoidal feedforward networks. Neurocomputing 61, 429–437 (2004). https://doi.org/10.1016/j.neucom.2004.04.001. 00070

    Article  Google Scholar 

  30. Singh, Y., Chandra, P.: A class +1 sigmoidal activation functions for FFANNs. J. Econ. Dyn. Control. 28(1), 183–187 (2003). https://doi.org/10.1016/S0165-1889(02)00157-4. 00000

    Article  MathSciNet  MATH  Google Scholar 

  31. Srivastava, N., et al.: Dropout: a simple way to prevent neural networks from overfitting. J. Mach. Learn. Res. 15, 1929–1958 (2014)

    MathSciNet  MATH  Google Scholar 

  32. Stolfo, S.J., et al.: Cost-based modeling for fraud and intrusion detection: results from the JAM project. In: Proceedings DARPA Information Survivability Conference and Exposition, DISCEX 2000, vol. 2. 00532, Hilton Head, SC, USA, pp. 130–144. IEEE Computer Society (1999). https://doi.org/10.1109/DISCEX.2000.821515. ISBN: 978- 0-7695-0490-2

  33. Tavallaee, M., et al.: A detailed analysis of the KDD CUP 99 data set. In: IEEE Symposium On Computational Intelligence for Security and Defense Applications, CISDA 2009, pp. 1–6. IEEE (2009). ISBN: 1- 4244-3763-6

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. May Cyber Technology Inc., Ankara, Turkey

    Mehmet Uğur Öney

  2. Bakırçay University, İzmir, Turkey

    Serhat Peker

  3. Atılım University, Ankara, Turkey

    Mehmet Uğur Öney & Serhat Peker

Authors
  1. Mehmet Uğur Öney
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Serhat Peker
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mehmet Uğur Öney .

Editor information

Editors and Affiliations

  1. Department of ECE, Karunya University, Coimbatore, Tamil Nadu, India

    D. Jude Hemanth

  2. Department of Computer Engineering, Faculty of Engineering, Suleyman Demirel University, Isparta, Isparta, Turkey

    Utku Kose

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Öney, M.U., Peker, S. (2020). A Comparison of Neural Network Approaches for Network Intrusion Detection. In: Hemanth, D., Kose, U. (eds) Artificial Intelligence and Applied Mathematics in Engineering Problems. ICAIAME 2019. Lecture Notes on Data Engineering and Communications Technologies, vol 43. Springer, Cham. https://doi.org/10.1007/978-3-030-36178-5_49

Download citation

Publish with us

Policies and ethics

Search

Navigation