International journal of advanced smart convergence

  • 제12권2호
  • /
  • Pages.67-75
  • /
  • 2023
  • /
  • 2288-2847(pISSN)
  • /
  • 2288-2855(eISSN)
한국인터넷방송통신학회 (The Institute of Internet, Broadcasting and Communication)
권호 표지
DOI QR코드

DOI QR Code

Performance Comparison According to Image Generation Method in NIDS (Network Intrusion Detection System) using CNN

  • Sang Hyun, Kim (Department of Cyber Security, Youngsan University, Yangsan Campus)
  • 투고 : 2023.03.26
  • 심사 : 2023.04.07
  • 발행 : 2023.06.30
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

Recently, many studies have been conducted on ways to utilize AI technology in NIDS (Network Intrusion Detection System). In particular, CNN-based NIDS generally shows excellent performance. CNN is basically a method of using correlation between pixels existing in an image. Therefore, the method of generating an image is very important in CNN. In this paper, the performance comparison of CNN-based NIDS according to the image generation method was performed. The image generation methods used in the experiment are a direct conversion method and a one-hot encoding based method. As a result of the experiment, the performance of NIDS was different depending on the image generation method. In particular, it was confirmed that the method combining the direct conversion method and the one-hot encoding based method proposed in this paper showed the best performance.

키워드

과제정보

This work was supported by Youngsan University Research Fund of 2022.

참고문헌

  1. Ahmad, Zeeshan, et al. "Network intrusion detection system: A systematic study of machine learning and deep learning approaches," Transactions on Emerging Telecommunications Technologies 32.1 e4150, 2021. DOI: 10.1002/ett.4150.
  2. Althubiti, Sara A., Eric Marcell Jones, and Kaushik Roy. "LSTM for anomaly-based network intrusion detection," 2018 28th International telecommunication networks and applications conference (ITNAC). IEEE, 2018. DOI: 10.1109/ATNAC.2018.8615300.
  3. Atilla Ozgur and Hamit Erdem, "A review of KDD99 dataset usage in intrusion detection and machine learning between 2010 and 2015," PeerJ Preprints 4:e1954v1, 2016. DOI:10.7287/PEERJ.PREPRINTS.1954.
  4. Mahbod Tavallaee, Ebrahim Bagheri, Wei Lu, and Ali A. Ghorbani, "A detailed analysis of the KDD CUP 99 data set," Computational Intelligence in Security and Defense Applications, 2009. CISDA 2009. IEEE Symposium on IEEE, pp.1-6, 2009. DOI: 10.1109/CISDA.2009.5356528
  5. KDD CUP 99 dataset available: http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html.
  6. Laheeb M. Ibrahim, Dujan T. Basheer and Mahmod S. Mahmod, "A comparison study for intrusion database (KDD99, NSL-KDD) based on self organization map (SOM) artificial neural network," Journal of Engineering Science and Technology, Vol. 8, No.1, pp.107-119, 2013.
  7. NSL-KDD dataset available: https://github.com/defcom17/NSL_KDD.
  8. McHugh, John, Alan Christie, and Julia Allen. "Defending yourself: The role of intrusion detection systems," IEEE software 17.5, pp. 42-51, 2000. DOI: 10.1109/52.877859.
  9. Zavrak, Sultan, and Murat Iskefiyeli. "Anomaly-based intrusion detection from network flow features using variational autoencoder," IEEE Access 8, 108346-108358, 2020. DOI: 10.1109/ACCESS.2020.3001350.
  10. Y. R. Song, S. W. Hyun, and Y. G. Cheong. "Analysis of autoencoders for network intrusion detection," Sensors 21.13, 4294. 2021. DOI: 10.3390/s21134294.
  11. Jiho Jang, Dongjun Lim, Changmin Seong, JongHun Lee, JongGeun Park, and YunGyung Cheong, "Evaluating Unsupervised Deep Learning Models for Network Intrusion Detection Using Real Security Event Data," International Journal of Advanced Smart Convergence Vol.11, No.4, pp. 10-19, 2022. http://dx.doi.org/10.7236/IJASC.2022.11.4.10.
  12. W. Y. Jo, et al. "Packet Preprocessing in CNN-based network intrusion detection system," Electronics 9.7 1151, 2020. DOI: 10.3390/electronics9071151.
  13. Yihan Xiao, Cheng Xing, Taining Zhang, and Zhongkai Zhao, "An intrusion detection model based on feature reduction and convolutional neural networks," IEEE Access. 7:42210-42219, 2019. DOI: 10.1109/ACCESS.2019.2904620