Journal of Information Processing Systems

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

Network Intrusion Detection Using Transformer and BiGRU-DNN in Edge Computing

  • Huijuan Sun (College of Computer and Information Technology, Henan Finance University)
  • Received : 2023.03.28
  • Accepted : 2023.06.25
  • Published : 2024.08.31
Download PDF
⟨ Previous Next ⟩

Abstract

To address the issue of class imbalance in network traffic data, which affects the network intrusion detection performance, a combined framework using transformers is proposed. First, Tomek Links, SMOTE, and WGAN are used to preprocess the data to solve the class-imbalance problem. Second, the transformer is used to encode traffic data to extract the correlation between network traffic. Finally, a hybrid deep learning network model combining a bidirectional gated current unit and deep neural network is proposed, which is used to extract long-dependence features. A DNN is used to extract deep level features, and softmax is used to complete classification. Experiments were conducted on the NSLKDD, UNSWNB15, and CICIDS2017 datasets, and the detection accuracy rates of the proposed model were 99.72%, 84.86%, and 99.89% on three datasets, respectively. Compared with other relatively new deep-learning network models, it effectively improved the intrusion detection performance, thereby improving the communication security of network data.

Keywords

References

  1. Y. Shen, K. Zheng, and C. Wu, "A hybrid PSO-BPSO based kernel extreme learning machine model for intrusion detection," Journal of Information Processing Systems, vol. 18, no. 1, pp. 146-158, 2022. https://doi.org/10.3745/JIPS.03.0174 
  2. R. Amin, M. Hussain, M. Alhameed, S. M. Raza, F. Jeribi, and A. Tahir, "Edge-computing with graph computation: a novel mechanism to handle network intrusion and address spoofing in SDN," Computers, Materials & Continua, vol. 65, no. 3, pp. 1869-1890, 2020. https://doi.org/10.32604/cmc.2020.011758 
  3. L. Nie, Y. Wu, X. Wang, L. Guo, G. Wang, X. Gao, and S. Li, "Intrusion detection for secure social internet of things based on collaborative edge computing: a generative adversarial network-based approach," IEEE Transactions on Computational Social Systems, vol. 9, no. 1, pp. 134-145, 2022. https://doi.org/10.1109/TCSS.2021.3063538 
  4. H. Bangui and B. Buhnova, "Lightweight intrusion detection for edge computing networks using deep forest and bio-inspired algorithms," Computers and Electrical Engineering, vol. 100, article no. 107901, 2022. https://doi.org/10.1016/j.compeleceng.2022.107901 
  5. I. H. Hassan, M. Abdullahi, M. M. Aliyu, S. A. Yusuf, and A. Abdulrahim, "An improved binary manta ray foraging optimization algorithm based feature selection and random forest classifier for network intrusion detection," Intelligent Systems with Applications, vol. 16, article no. 200114, 2022. https://doi.org/10.1016/j.iswa.2022.200114 
  6. F. Salo, A. B. Nassif, and A. Essex, "Dimensionality reduction with IG-PCA and ensemble classifier for network intrusion detection," Computer Networks, vol. 148, pp. 164-175, 2019. https://doi.org/10.1016/j.comnet.2018.11.010 
  7. H. Zhang, J. L. Li, X. M. Liu, and C. Dong, "Multi-dimensional feature fusion and stacking ensemble mechanism for network intrusion detection," Future Generation Computer Systems, vol. 122, pp. 130-143, 2021. https://doi.org/10.1016/j.future.2021.03.024 
  8. C. Zhang, D. Jia, L. Wang, W. Wang, F. Liu, and A. Yang, "Comparative research on network intrusion detection methods based on machine learning," Computers & Security, vol. 121, article no. 102861, 2022. https://doi.org/10.1016/j.cose.2022.102861 
  9. M. Almiani, A. AbuGhazleh, A. Al-Rahayfeh, S. Atiewi, and A. Razaque, "Deep recurrent neural network for IoT intrusion detection system," Simulation Modelling Practice and Theory, vol. 101, article no. 102031, 2020. https://doi.org/10.1016/j.simpat.2019.102031 
  10. M. Al-Hawawreh and E. Sitnikova, "Industrial Internet of Things based ransomware detection using stacked variational neural network," in Proceedings of the 3rd International Conference on Big Data and Internet of Things, Melbourne, Australia, 2019, pp. 126-130. https://doi.org/10.1145/3361758.3361763 
  11. H. Liu, Z. Zhou, and M. Zhang, "Application of optimized bidirectional generative adversarial network in ICS intrusion detection," in Proceedings of 2020 Chinese Control and Decision Conference (CCDC), Hefei, China, 2020, pp. 3009-3014. https://doi.org/10.1109/CCDC49329.2020.9164558 
  12. Y. Z. Li, Y. Li, and S. Zhang, "Intrusion detection algorithm based on deep learning for industrial control networks," in Proceedings of the 2019 The 2nd International Conference on Robotics, Control and Automation Engineering, Lanzhou, China, 2019, pp. 40-44. https://doi.org/10.1145/3372047.3372092 
  13. I. Al-Turaiki and N. Altwaijry, "A convolutional neural network for improved anomaly-based network intrusion detection," Big Data, vol. 9, no. 3, pp. 233-252, 2021. https://doi.org/10.1089/big.2020.0263 
  14. N. B. Singh, M. M. Singh, A. Sarkar, and J. K. Mandal, "A novel wide & deep transfer learning stacked GRU framework for network intrusion detection," Journal of Information Security and Applications, vol. 61, article no. 102899, 2021. https://doi.org/10.1016/j.jisa.2021.102899 
  15. S. Liaqat, A. Akhunzada, F. S. Shaikh, A. Giannetsos, and M. A. Jan, "SDN orchestration to combat evolving cyber threats in Internet of Medical Things (IoMT)," Computer Communications, vol. 160, pp. 697-705, 2020. https://doi.org/10.1016/j.comcom.2020.07.006 
  16. M. Saharkhizan, A. Azmoodeh, A. Dehghantanha, K. K. R. Choo, and R. M. Parizi, "An ensemble of deep recurrent neural networks for detecting IoT cyber attacks using network traffic," IEEE Internet of Things Journal, vol. 7, no. 9, pp. 8852-8859, 2020. https://doi.org/10.1109/JIOT.2020.2996425 
  17. E. Mushtaq, A. Zameer, M. Umer, and A. A. Abbasi, "A two-stage intrusion detection system with autoencoder and LSTMs," Applied Soft Computing, vol. 121, article no. 108768, 2022. https://doi.org/10.1016/j.asoc.2022.108768 
  18. Y. Li, T. Qin, Y. Huang, J. Lan, Z. Liang, and T. Geng, "HDFEF: a hierarchical and dynamic feature extraction framework for intrusion detection systems," Computers & Security, vol. 121, article no. 102842, 2022. https://doi.org/10.1016/j.cose.2022.102842 
  19. J. M. Johnson and T. M. Khoshgoftaar, "Survey on deep learning with class imbalance," Journal of Big Data, vol. 6, article no. 27, 2019. https://doi.org/10.1186/s40537-019-0192-5 
  20. K. R. M. Fernando and C. P. Tsokos, "Dynamically weighted balanced loss: class imbalanced learning and confidence calibration of deep neural networks," IEEE Transactions on Neural Networks and Learning Systems, vol. 33, no. 7, pp. 2940-2951, 2022. https://doi.org/10.1109/TNNLS.2020.3047335 
  21. L. Liu, P. Wang, J. Lin, and L. Liu, "Intrusion detection of imbalanced network traffic based on machine learning and deep learning," IEEE Access, vol. 9, pp. 7550-7563, 2020. https://doi.org/10.1109/ACCESS.2020.3048198
  22. Y. Zhang and Q. Liu, "On IoT intrusion detection based on data augmentation for enhancing learning on unbalanced samples," Future Generation Computer Systems, vol. 133, pp. 213-227, 2022. https://doi.org/10.1016/j.future.2022.03.007 
  23. S. Al and M. Dener, "STL-HDL: a new hybrid network intrusion detection system for imbalanced dataset on big data environment," Computers & Security, vol. 110, article no. 102435, 2021. https://doi.org/10.1016/j.cose.2021.102435 
  24. L. Tian and Y. Lu, "An intrusion detection model based on SMOTE and convolutional neural network ensemble," Journal of Physics: Conference Series, vol. 1828, no. 1, article no. 012024, 2021. https://doi.org/10.1088/1742-6596/1828/1/012024 
  25. M. Arjovsky, S. Chintala, and L. Bottou, "Wasserstein GAN," 2017 [Online]. Available: https://arxiv.org/abs/1701.07875. 
  26. J. Wang, N. Chen, J. Yu, Y. Jin, and Y. Li, "An efficient intrusion detection model combined bidirectional gated recurrent units with attention mechanism," in Proceedings of 2020 7th International Conference on Behavioural and Social Computing (BESC), Bournemouth, UK, 2020, pp. 1-6. https://doi.org/10.1109/BESC51023.2020.9348310 
  27. W. Yang, S. Wang, and M. Johnstone, "A comparative study of ML-ELM and DNN for intrusion detection," in Proceedings of the 2021 Australasian Computer Science Week Multiconference, Dunedin, New Zealand, 2021, pp. 1-7. https://doi.org/10.1145/3437378.3437390 
  28. S. Hanzawa, T. Sakata, K. Kajigaya, R. Takemura, and T. Kawahara, "A large-scale and low-power CAM architecture featuring a one-hot-spot block code for IP-address lookup in a network router," IEEE Journal of Solid-State Circuits, vol. 40, no. 4, pp. 853-861, 2005. https://doi.org/10.1109/JSSC.2005.845554 
  29. F. Amato, N. Mazzocca, F. Moscato, and E. Vivenzio, "Multilayer perceptron: an intelligent model for classification and intrusion detection," in Proceedings of 2017 31st International conference on advanced information networking and applications workshops (WAINA), Taipei, Taiwan, 2017, pp. 686-691. https://doi.org/10.1109/WAINA.2017.134 
  30. S. Choudhary and N. Kesswani, "Analysis of KDD-Cup'99, NSL-KDD and UNSW-NB15 datasets using deep learning in IoT," Procedia Computer Science, vol. 167, pp. 1561-1573, 2020. https://doi.org/10.1016/j.procs.2020.03.367 
  31. G. Kocher and G. Kumar, "Analysis of machine learning algorithms with feature selection for intrusion detection using UNSW-NB15 dataset," 2021 [Online]. Available: https://doi.org/10.2139/ssrn.3784406. 
  32. L. D'hooge, T. Wauters, B. Volckaert, and F. De Turck, "Inter-dataset generalization strength of supervised machine learning methods for intrusion detection," Journal of Information Security and Applications, vol. 54, article no. 102564, 2020. https://doi.org/10.1016/j.jisa.2020.102564