An intrusion detection approach based on improved deep belief network
- PDF / 2,049,598 Bytes
- 17 Pages / 595.276 x 790.866 pts Page_size
- 7 Downloads / 262 Views
An intrusion detection approach based on improved deep belief network Qiuting Tian 1 & Dezhi Han 1 & Kuan-Ching Li 2
&
Xingao Liu 1 & Letian Duan 1 & Arcangelo Castiglione 3
# Springer Science+Business Media, LLC, part of Springer Nature 2020
Abstract In today’s interconnected society, cyberattacks have become more frequent and sophisticated, and existing intrusion detection systems may not be adequate in the complex cyberthreat landscape. For instance, existing intrusion detection systems may have overfitting, low classification accuracy, and high false positive rate (FPR) when faced with significantly large volume and variety of network data. An intrusion detection approach based on improved deep belief network (DBN) is proposed in this paper to mitigate the above problems, where the dataset is processed by probabilistic mass function (PMF) encoding and Min-Max normalization method to simplify the data preprocessing. Furthermore, a combined sparsity penalty term based on KullbackLeibler (KL) divergence and non-mean Gaussian distribution is introduced in the likelihood function of the unsupervised training phase of DBN, and sparse constraints retrieve the sparse distribution of the dataset, thus avoiding the problem of feature homogeneity and overfitting. Finally, simulation experiments are performed on the NSL-KDD and UNSW-NB15 public datasets. The proposed method achieves 96.17% and 86.49% accuracy, respectively. Experimental results show that compared with the state-of-the-art methods, the proposed method achieves significant improvement in classification accuracy and FPR. Keywords Intrusion detection . Deep belief network (DBN) . Probabilistic mass function (PMF), likelihood function, Kullback-Leibler (KL) divergence
1 Introduction
* Kuan-Ching Li [email protected] Qiuting Tian [email protected] Dezhi Han [email protected] Xingao Liu [email protected] Letian Duan [email protected] Arcangelo Castiglione [email protected] 1
College of Information Engineering, Shanghai Maritime University, Shanghai, China
2
Department of Computer Science and Information Engineering (CSIE), Providence University, Taichung City, Taiwan
3
Department of Computer Science, University of Salerno, Fisciano, SA, Italy
As networks become more complex and society becomes more dependent on information and communication technologies, so does the cybersecurity risks. Examples of relatively recent high profile incidents include the attack on Ukrainian power in 2015 [1], and the ransomware incidents that affected several government agencies in the United States [2]. Cyber threats may arise at any time, and such network intrusions can cause invaluable losses of privacy, properties, and reputation. Intrusion detection technology is a proactive network security facility that provides real-time protection against internal attacks, external attacks, and misoperations, and effectively intercepts and blocks threats to network systems before they are attacked. However, the traditional intrusion detection systems (IDS) have problems such
Data Loading...
