An Autonomous Intrusion Detection System Using an Ensemble of Advanced Learners

An intrusion detection system (IDS) is a vital security component of modern computer networks. With the increasing amount of sensitive services that use computer network-based infrastructures, IDSs need to be more intelligent and autonomous. Aside from autonomy, another important feature for an IDS...

Bibliographic details
Published in: arXiv.org 2020-12
Main authors: Andalib, Amir; Vahid Tabataba Vakili
Format: Article
Language: eng
Online access: Full text
container_title arXiv.org
creator Andalib, Amir
Vahid Tabataba Vakili
description An intrusion detection system (IDS) is a vital security component of modern computer networks. With the increasing amount of sensitive services that use computer network-based infrastructures, IDSs need to be more intelligent and autonomous. Aside from autonomy, another important feature for an IDS is its ability to detect zero-day attacks. To address these issues, in this paper, we propose an IDS which reduces the amount of manual interaction and needed expert knowledge and is able to yield acceptable performance under zero-day attacks. Our approach is to use three learning techniques in parallel: gated recurrent unit (GRU), convolutional neural network as deep techniques and random forest as an ensemble technique. These systems are trained in parallel and the results are combined under two logics: majority vote and "OR" logic. We use the NSL-KDD dataset to verify the proficiency of our proposed system. Simulation results show that the system has the potential to operate with a very low technician interaction under the zero-day attacks. We achieved 87.28% accuracy on the NSL-KDD's "KDDTest+" dataset and 76.61% accuracy on the challenging "KDDTest-21" with lower training time and lower needed computational resources.
doi_str_mv 10.48550/arxiv.2001.11936
format Article
publisher Ithaca: Cornell University Library, arXiv.org
creationdate 2020-12-29
rights 2020. This work is published under http://arxiv.org/licenses/nonexclusive-distrib/1.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.
backlink https://doi.org/10.1109/ICEE50131.2020.9260808 View published paper (Access to full text may be restricted)
backlink https://doi.org/10.48550/arXiv.2001.11936 View paper in arXiv
oa free_for_read
fulltext fulltext
identifier EISSN: 2331-8422
ispartof arXiv.org, 2020-12
issn 2331-8422
language eng
recordid cdi_arxiv_primary_2001_11936
source arXiv.org; Free E- Journals
subjects Artificial neural networks
Autonomy
Computer networks
Computer Science - Learning
Computer simulation
Datasets
Intrusion detection systems
Statistics - Machine Learning
title An Autonomous Intrusion Detection System Using an Ensemble of Advanced Learners
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-05T14%3A22%3A31IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_arxiv&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=An%20Autonomous%20Intrusion%20Detection%20System%20Using%20an%20Ensemble%20of%20Advanced%20Learners&rft.jtitle=arXiv.org&rft.au=Andalib,%20Amir&rft.date=2020-12-29&rft.eissn=2331-8422&rft_id=info:doi/10.48550/arxiv.2001.11936&rft_dat=%3Cproquest_arxiv%3E2350181129%3C/proquest_arxiv%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2350181129&rft_id=info:pmid/&rfr_iscdi=true