基于cnn的攻击分类与基于ae的入侵检测系统无监督异常检测

2022 International Conference on Electrical, Computer and Energy Technologies (ICECET) Pub Date : 2022-07-20 DOI:10.1109/ICECET55527.2022.9873072

Jean Claude Joseph Badji, C. Diallo

{"title":"基于cnn的攻击分类与基于ae的入侵检测系统无监督异常检测","authors":"Jean Claude Joseph Badji, C. Diallo","doi":"10.1109/ICECET55527.2022.9873072","DOIUrl":null,"url":null,"abstract":"As the cyber threat landscape expands, attacks are becoming stealthier, faster and smarter. Traditional security techniques therefore become ineffective against polymorphic threats and zero-day attacks. Thus, research is increasingly oriented towards AI. Machine Learning (ML) quickly showed its limits due to the amount of data and the high dimensionality imposed by the Big Data era, and the workload on manual feature extraction. IDS based on ML has thus shown poor performance and Deep IDS based on ML has thus shown poor performance and Deep we propose traffic classification by a one-dimensional CNN and we propose traffic classification by a one-dimensional CNN and anomaly detection by a deep/stacked autoencoder (DAE). The evaluation of the proposed models show that the false alarm rate (FAR) and the false negative rate (FNR) are very low. Additionally, the DAE model works well against almost any attack. Finally, both models show high performance.","PeriodicalId":249012,"journal":{"name":"2022 International Conference on Electrical, Computer and Energy Technologies (ICECET)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-07-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"A CNN-based Attack Classification versus an AE-based Unsupervised Anomaly Detection for Intrusion Detection Systems\",\"authors\":\"Jean Claude Joseph Badji, C. Diallo\",\"doi\":\"10.1109/ICECET55527.2022.9873072\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As the cyber threat landscape expands, attacks are becoming stealthier, faster and smarter. Traditional security techniques therefore become ineffective against polymorphic threats and zero-day attacks. Thus, research is increasingly oriented towards AI. Machine Learning (ML) quickly showed its limits due to the amount of data and the high dimensionality imposed by the Big Data era, and the workload on manual feature extraction. IDS based on ML has thus shown poor performance and Deep IDS based on ML has thus shown poor performance and Deep we propose traffic classification by a one-dimensional CNN and we propose traffic classification by a one-dimensional CNN and anomaly detection by a deep/stacked autoencoder (DAE). The evaluation of the proposed models show that the false alarm rate (FAR) and the false negative rate (FNR) are very low. Additionally, the DAE model works well against almost any attack. Finally, both models show high performance.\",\"PeriodicalId\":249012,\"journal\":{\"name\":\"2022 International Conference on Electrical, Computer and Energy Technologies (ICECET)\",\"volume\":\"60 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-07-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 International Conference on Electrical, Computer and Energy Technologies (ICECET)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICECET55527.2022.9873072\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 International Conference on Electrical, Computer and Energy Technologies (ICECET)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICECET55527.2022.9873072","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

随着网络威胁的扩大，攻击变得更加隐蔽、快速和智能。因此，传统的安全技术对多态威胁和零日攻击变得无效。因此，研究越来越趋向于人工智能。由于大数据时代带来的数据量和高维度，以及人工特征提取的工作量，机器学习(ML)很快显示出其局限性。因此，基于ML的IDS表现出较差的性能，基于ML的深度IDS也表现出较差的性能，我们提出了通过一维CNN进行流量分类的深度IDS，我们提出了通过一维CNN进行流量分类和通过深度/堆叠自编码器(DAE)进行异常检测的深度IDS。对所提模型的评价表明，所提模型的虚警率(FAR)和假阴性率(FNR)都很低。此外，DAE模型可以很好地抵御几乎任何攻击。最后，两种模型均表现出较高的性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A CNN-based Attack Classification versus an AE-based Unsupervised Anomaly Detection for Intrusion Detection Systems

As the cyber threat landscape expands, attacks are becoming stealthier, faster and smarter. Traditional security techniques therefore become ineffective against polymorphic threats and zero-day attacks. Thus, research is increasingly oriented towards AI. Machine Learning (ML) quickly showed its limits due to the amount of data and the high dimensionality imposed by the Big Data era, and the workload on manual feature extraction. IDS based on ML has thus shown poor performance and Deep IDS based on ML has thus shown poor performance and Deep we propose traffic classification by a one-dimensional CNN and we propose traffic classification by a one-dimensional CNN and anomaly detection by a deep/stacked autoencoder (DAE). The evaluation of the proposed models show that the false alarm rate (FAR) and the false negative rate (FNR) are very low. Additionally, the DAE model works well against almost any attack. Finally, both models show high performance.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2022 International Conference on Electrical, Computer and Energy Technologies (ICECET)

自引率

0.00%

发文量