Intrusion Detection Approach using Feature Learning and Hierarchical Classification

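  • 이한성 (School of Creative Convergence, Andong National University)
  • 정윤희 (Department of Multimedia Engineering, Andong National University)
  • 정세훈 (Department of Computer Engineering, Sunchon National University)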
  • Received : 2023.12.05
  • Accepted : 2024.02.17
  • Published : 2024.02.29

Abstract

Machine learning-based intrusion detection methods require a large, evenly balanced amount of training data for each class to be classified, and the entire system must be retrained whenever an attack type is added for detection or classification. In this paper, we use feature learning and hierarchical classification to address classification with relatively little training data and the data imbalance problem, and we propose an intrusion detection methodology that makes it easy to add new attack types. The feasibility of the proposed system was verified through experiments using KDD IDS data.

Acknowledgement

This work was supported by a research grant from Andong National University for the 2021 academic year.
