Publication Type : Conference Paper
Publisher : 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI)
Source : 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI) (2017)
Keywords : Anomaly detection, attack network connection records, Binary classification, computer network security, computer security, deep network, diverse dynamic characteristics, Information and Communication Technologies, information and communication technology, Intrusion detection, learning (artificial intelligence), multiclass classification, network breaches, network intrusion detection system, neural nets, NIDS, normal network connection records, Pattern classification, Protocols, security audit data, Shallow and Deep networks, shallow networks, Training
Campus : Coimbatore
School : School of Engineering
Center : Computational Engineering and Networking
Department : Electronics and Communication
Year : 2017
Abstract : Network intrusion detection system (NIDS) is a tool used to detect and classify the network breaches dynamically in information and communication technologies (ICT) systems in both academia and industries. Adopting a new and existing machine learning classifiers to NIDS has been a significant area in security research due to the fact that the enhancement in detection rate and accuracy is of important in large volume of security audit data including diverse and dynamic characteristics of attacks. This paper evaluates the effectiveness of various shallow and deep networks to NIDS. The shallow and deep networks are trained and evaluated on the KDDCup `99' and NSL-KDD data sets in both binary and multi-class classification settings. The deep networks are performed well in comparison to the shallow networks in most of the experiment configurations. The main reason to this might be a deep network passes information through several layers to learn the underlying hidden patterns of normal and attack network connection records and finally aggregates these learned features of each layer together to effectively distinguish the normal and various attacks of network connection records. Additionally, deep networks have not only performed well in detecting and classifying the known attacks additionally in unknown attacks too. To achieve an acceptable detection rate, we used various configurations of network settings and its parameters in deep networks. All the various configurations of deep network are run up to 1000 epochs in training with a learning rate in the range [0.01-0.5] to effectively capture the time varying patterns of normal and various attacks.
Cite this Research Publication : R. Vinayakumar, Dr. Soman K. P., and Poornachandran, P., “Evaluating Effectiveness of Shallow and Deep Networks to Intrusion Detection System”, in 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), 2017.