A Network Intrusion Detection Method Based on Deep Multi-scale Convolutional Neural Network
- PDF / 1,548,075 Bytes
- 15 Pages / 595.276 x 790.866 pts Page_size
- 96 Downloads / 217 Views
A Network Intrusion Detection Method Based on Deep Multi‑scale Convolutional Neural Network Xiaowei Wang1 · Shoulin Yin1 · Hang Li1 · Jiachi Wang1 · Lin Teng1 Received: 15 October 2019 / Revised: 1 September 2020 / Accepted: 18 September 2020 © Springer Science+Business Media, LLC, part of Springer Nature 2020
Abstract Network intrusion detection (NID) is an important method for network system administrators to detect various security holes. The performance of traditional NID methods can be affected when unknown or new attacks are detected. Compared with other machine learning methods, the intrusion detection method based on convolutional neural network (CNN) can significantly improve the accuracy of classification, but the convergence speed and generalization ability of CNN are not ideal in model training process resulting in a low true rate and a high false alarm rate. To solve the above problems, this paper proposes a deep multi-scale convolutional neural network (DMCNN) for network intrusion detection. Different levels of features in a large number of high-dimensional unlabeled original data are extracted by different scales convolution kernel. And the learning rate of network structure is optimized by batch normalization method to obtain the optimal feature representation of the raw data. We use NSL-KDD dataset as the benchmark thus we can compare the performance of our proposed method with other existing works. This dataset includes two testing sets which are the first one is KDDTest+ while the second one is KDDTest−21 which is more difficult to be classified. The experimental results reveal that the AC and TPR are higher through our DMCNN model. Especially, in terms of DOS, the AC appropriately reaches to 98%. DMCNN has a high intrusion detection accuracy and a low false alarm rate, which overcomes the limitations of using the traditional detection methods and makes the new approach an attractive one for practical intrusion detection. Keywords Network intrusion detection · CNN · Deep multi-scale · Batch normalization
1 Introduction With the popularization of Internet technology in economy, scientific research, military and people’s daily life, people cannot live without it seriously. With the increasing of Internet attackers and the complexity and diversity of their means, casual negligence may cause significant * Shoulin Yin [email protected] * Hang Li [email protected] Xiaowei Wang [email protected] Jiachi Wang [email protected] Lin Teng [email protected] 1
Software College, Shenyang Normal University, Shenyang, China
hidden dangers for network security [1–3]. Obviously, the network security problems cannot be avoided, so the defense of network security has become more and more urgent. For example, in 2017.3.7, WiKiLeaks decrypted CIA top secret documents. On April 14, 2017, Shadow Brokers made public on steemit.com a trove of highly destructive hacking tools used by the NSA Equation Group, including exploits that could remotely penetrate about 70% of the world’s Windows machines. On May 12, 2017, t
Data Loading...
