Araştırma Makalesi
BibTex RIS Kaynak Göster

Cyber Attack Detection Using Temporal Convolutional Networks: A Comparative Analysis

Yıl 2021, Sayı: 22, 204 - 211, 31.01.2021
https://doi.org/10.31590/ejosat.848784

Öz

The rapid rise of the Internet of Things paradigm in recent years and the large attack surface created by this rise have increased the importance of automated detection of cyber attacks. Legacy signature-based intrusion detection systems are inadequate in detecting especially zero-days, which are attacks previously unobserved in computer networks. This has directed cyber security researchers towards machine learning based methods, especially for anomaly detection. Intrusion detection methods based on deep learning algorithms have been proposed, achieving high performance in a variety of tasks. Recently, temporal convolutional networks (TCN) were proposed for action segmentation in videos and have achieved great success in a variety of learning tasks on time series data. Their performance in intrusion detection tasks has not been analyzed in depth though. In this paper we analyze the performance of TCN for attack detection in networks. We compare the performance of TCN in both binary classification and anomaly detection problems with the performance of recurrent neural networks and fully connected feedforward neural networks. The results demonstrate that TCN is a promising method for high-accuracy attack detection. 

Kaynakça

  • Bai, S., Kolter, J. Z., & Koltun, V. (2018). Convolutional sequence modeling revisited. In ICLR Workshop.
  • Behera, S., Pradhan, A., & Dash, R. (2018). Deep neural network architecture for anomaly based ıntrusion detection system. In 5th International Conference on Signal Processing and Integrated Networks (SPIN 2018) (270- 274). Noida. doi: 10.1109/SPIN.2018.8474162
  • Chuan-long, Y., Yue-fei, Z., Jin-long, F., & Xin-zheng, H. (2017). A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access, 5, 21954 - 21961. doi: 10.1109/ACCESS.2017.2762418
  • Eldem, A. (2020). An Application of Deep Neural Network for Classification of Wheat Seeds. Avrupa Bilim ve Teknoloji Dergisi, (19), 213-220. DOI: 10.31590/ejosat.719048.
  • Erduman, A., Yüzer, E., Durusu, A., Yıldız, F.. (2020). An Educational Kit to Promote Teaching of Photovoltaic Systems. Avrupa Bilim ve Teknoloji Dergisi, (19), 916-922. DOI: 10.31590/ejosat.745109
  • Gao, N., Gao, L., Gao, Q., & Wang, H. (2014). An intrusion detection model based on deep belief networks. In Second International Conference on Advanced Cloud and Big Data (247-252). doi: 10.1109/CBD.2014.41
  • Goodfellow, I., Bengio, Y., & Courville, A. (2016). Deep learning. MIT Press.
  • Graves, A. (2012). Supervised sequence labeling with recurrent neural networks. Springer. DOI: 10.1007/978-3-642-24797-2
  • Hochreiter, S., & Schmidhuber, J. (1997). Long Short-Term Memory. Neural Computation, 9(8), 1735-1780. DOI: 10.1162/neco.1997.9.8.1735
  • KDD Cup (1999). [Data file and codebook]. Retrieved from http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
  • Khan, F. A., Gumaei, A., Derhab, A., & Hussain, A. (2019). TSDL: A twostage deep learning model for efficient network intrusion detection. IEEE Access, 7, 30373–30385. doi: 10.1109/ACCESS.2019.2899721
  • Kim, J., & Kim, H. (2016). Applying recurrent neural network to intrusion detection with hessian free optimization. In H. Kim, D. Choi (Eds.), Information Security Applications. WISA 2015. Lecture Notes in Computer Science (1-14). Springer. DOI: 10.1007/978-3-319-31875-2_30
  • Lea C., Vidal R., Reiter A., & Hager G. D. (2016). Temporal convolutional networks: A unified approach to action segmentation. In G. Hua & H. Jégou (Eds.), Computer Vision – ECCV 2016 Workshops. ECCV 2016. Lecture Notes in Computer Science (47-54). Springer. https://doi.org/10.1007/978-3-319-49409-8_7
  • Li, Z., Qin, Z., Huang, Z., Yang, X., & Ye, S. (2017). Intrusion detection using convolutional neural networks for representation learning. In D. Liu, S. Xie, Y. Li, D. Zhao, & E. M. El-Alfy (Eds.), Neural Information Processing. ICONIP 2017. Lecture Notes in Computer Science. (858–866). Springer. https://doi.org/10.1007/978-3-319-70139-4_87
  • Li, Z., Rios, A. L. G., Xu, G., & Trajkovic, L. (2019). Machine learning techniques for classifying network anomalies and intrusions. In IEEE International Symposium on Circuits and Systems (ISCAS) (1–5). Saporro. doi: 10.1109/ISCAS.2019.8702583
  • Li, Z., Qin, Z., Shen, P. & Jiang, L. (2019). Intrusion Detection Using Temporal Convolutional Networks, In International Conference on Neural Information Processing (168-178).
  • Lopez-Martin, M., Carro, C., Sanchez-Esguevillas, A., & Lloret, J. (2017). Conditional variational autoencoder for prediction and feature recovery applied to intrusion detection in IoT. Sensors, 17(9), 1967. doi: 10.3390/s17091967
  • Ma, T., Wang, F., Cheng, J., Yu, Y., & Chen, X. (2016). A hybrid spectral clustering and deep neural network ensemble algorithm for intrusion detection in sensor networks. Sensors, 16(10), 1701. https://doi.org/10.3390/s16101701
  • Ozgur, A. & Erdem, H. (2016). A review of KDD99 dataset usage in intrusion detection and machine learning between 2010 and 2015. PeerJ Prepr.
  • Pascanu, R., Stokes, J. W., Sanossian, H., Marinescu, M., & Thomas, A. (2015). Malware classification with recurrent networks. In ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing (1916-1920). doi: 10.1109/ICASSP.2015.7178304
  • Sandhiya, S., & Palani, U. (2020). An effective disease prediction system using incremental feature selection and temporal convolutional neural network. Journal of Ambient Intelligence and Humanized Computing, 11, 5547–5560. https://doi.org/10.1007/s12652-020-01910-6
  • Staudemeyer, R. C. (2015). Applying long short-term memory recurrent neural networks to intrusion detection. South African Computer Journal, 56, 136–154. doi: 10.18489/SACJ.V56I1.248
  • Su, T., Sun, H., Zhu, J., Wang, S., & Li, Y. (2020). BAT: Deep learning methods on network intrusion detection using NSL-KDD dataset. IEEE Access, 8, 29575–29585. doi: 10.1109/ACCESS.2020.2972627
  • Thapa, N., Liu, Z., KC, D. B., Gokaraju, B., & Roy, K. (2020). Comparison of machine learning and deep learning models for network intrusion detection systems. Future Internet, 12(10), 167. https://doi.org/10.3390/fi12100167
  • Vinayakumar, R., Alazab, M., Soman, K. P., Poornachandran, P., Al-Nemrat, A., & Venkatraman, S. (2019). Deep learning approach for intelligent intrusion detection system. IEEE Access, 7, 41525–41550. DOI: 10.1109/ACCESS.2017.2762418
  • Williams, R. J., & Zipser, D. (1995). Gradient-based learning algorithms for recurrent networks and their computational complexity. Backpropagation: Theory, Architectures, and Applications. 433-486.
  • Yan, J., Chen, X., Chen, Y., & Liang, D. (2020). Multistep prediction of land cover from dense time series remote sensing images with temporal convolutional networks, IEEE Journal of Selected Topics in Applied Earth Observations and Remote Sensing, 13, 5149-5161. doi: 10.1109/JSTARS.2020.3020839.
  • Yin, C., Zhu, Y., Fei, J., & He, X. (2017). A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access, 5, 21954–21961. doi: 10.1109/ACCESS.2017.2762418
  • You, J., Wang, Y., Pal, A., Eksombatchai, P., Rosenburg, C., & Leskovec, J. (2019). Hierarchical temporal convolutional networks for dynamic recommender systems. In The World Wide Web Conference (2236-2246). Association for Computing Machinery. https://doi.org/10.1145/3308558.3313747

Zamansal Evrişimli Ağlarla Saldırı Tespiti: Karşılaştırmalı Bir Analiz

Yıl 2021, Sayı: 22, 204 - 211, 31.01.2021
https://doi.org/10.31590/ejosat.848784

Öz

Son yıllarda Nesnelerin İnterneti paradigmasının hızlı yükselişi ve bu yükselişin yarattığı büyük siber saldırı yüzeyi, otomatik saldırı tespit sistemlerinin önemini arttırmıştır. Özellikle daha önce gözlenmemiş sıfırıncı gün saldırılarının tespitinde klasik imza tabanlı saldırı tespit sistemleri yetersiz kalmaktadır. Bu durum siber güvenlik araştırmacılarını özellikle anomali tespiti için makine öğrenme tabanlı yöntemlere yönlendirmiştir. Literatürde derin öğrenme yöntemlerini bilgisayar ağlarında saldırı tespiti için kullanan birçok yöntem önerilmiş ve yüksek başarım elde etmiştir. Yakın zamanda ilk olarak videolarda aksiyon segmentasyonu için önerilen zamansal evrişimsel ağlar (TCN), zaman serisi içeren öğrenme görevlerinde yüksek başarı elde ettiği halde, bilgisayar ağlarında saldırı tespiti alanındaki etkinlikleri detaylı analiz edilmemiştir. Bu çalışmada TCN’nin saldırı tespiti konusunda başarımı irdelenmiştir. TCN’nin hem ikili sınıflandırma hem de anomali tespiti problemlerindeki başarımı, birçok saldırı tespiti probleminde yüksek başarım elde etmiş tekrarlayan sinir ağları ve tam bağlı sinir ağları yöntemleriyle kıyaslanmıştır. Elde edilen sonuçlar TCN’nin yüksek doğruluklu saldırı tespiti için ümit vaat eden bir yöntem olduğunu göstermektedir.

Kaynakça

  • Bai, S., Kolter, J. Z., & Koltun, V. (2018). Convolutional sequence modeling revisited. In ICLR Workshop.
  • Behera, S., Pradhan, A., & Dash, R. (2018). Deep neural network architecture for anomaly based ıntrusion detection system. In 5th International Conference on Signal Processing and Integrated Networks (SPIN 2018) (270- 274). Noida. doi: 10.1109/SPIN.2018.8474162
  • Chuan-long, Y., Yue-fei, Z., Jin-long, F., & Xin-zheng, H. (2017). A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access, 5, 21954 - 21961. doi: 10.1109/ACCESS.2017.2762418
  • Eldem, A. (2020). An Application of Deep Neural Network for Classification of Wheat Seeds. Avrupa Bilim ve Teknoloji Dergisi, (19), 213-220. DOI: 10.31590/ejosat.719048.
  • Erduman, A., Yüzer, E., Durusu, A., Yıldız, F.. (2020). An Educational Kit to Promote Teaching of Photovoltaic Systems. Avrupa Bilim ve Teknoloji Dergisi, (19), 916-922. DOI: 10.31590/ejosat.745109
  • Gao, N., Gao, L., Gao, Q., & Wang, H. (2014). An intrusion detection model based on deep belief networks. In Second International Conference on Advanced Cloud and Big Data (247-252). doi: 10.1109/CBD.2014.41
  • Goodfellow, I., Bengio, Y., & Courville, A. (2016). Deep learning. MIT Press.
  • Graves, A. (2012). Supervised sequence labeling with recurrent neural networks. Springer. DOI: 10.1007/978-3-642-24797-2
  • Hochreiter, S., & Schmidhuber, J. (1997). Long Short-Term Memory. Neural Computation, 9(8), 1735-1780. DOI: 10.1162/neco.1997.9.8.1735
  • KDD Cup (1999). [Data file and codebook]. Retrieved from http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
  • Khan, F. A., Gumaei, A., Derhab, A., & Hussain, A. (2019). TSDL: A twostage deep learning model for efficient network intrusion detection. IEEE Access, 7, 30373–30385. doi: 10.1109/ACCESS.2019.2899721
  • Kim, J., & Kim, H. (2016). Applying recurrent neural network to intrusion detection with hessian free optimization. In H. Kim, D. Choi (Eds.), Information Security Applications. WISA 2015. Lecture Notes in Computer Science (1-14). Springer. DOI: 10.1007/978-3-319-31875-2_30
  • Lea C., Vidal R., Reiter A., & Hager G. D. (2016). Temporal convolutional networks: A unified approach to action segmentation. In G. Hua & H. Jégou (Eds.), Computer Vision – ECCV 2016 Workshops. ECCV 2016. Lecture Notes in Computer Science (47-54). Springer. https://doi.org/10.1007/978-3-319-49409-8_7
  • Li, Z., Qin, Z., Huang, Z., Yang, X., & Ye, S. (2017). Intrusion detection using convolutional neural networks for representation learning. In D. Liu, S. Xie, Y. Li, D. Zhao, & E. M. El-Alfy (Eds.), Neural Information Processing. ICONIP 2017. Lecture Notes in Computer Science. (858–866). Springer. https://doi.org/10.1007/978-3-319-70139-4_87
  • Li, Z., Rios, A. L. G., Xu, G., & Trajkovic, L. (2019). Machine learning techniques for classifying network anomalies and intrusions. In IEEE International Symposium on Circuits and Systems (ISCAS) (1–5). Saporro. doi: 10.1109/ISCAS.2019.8702583
  • Li, Z., Qin, Z., Shen, P. & Jiang, L. (2019). Intrusion Detection Using Temporal Convolutional Networks, In International Conference on Neural Information Processing (168-178).
  • Lopez-Martin, M., Carro, C., Sanchez-Esguevillas, A., & Lloret, J. (2017). Conditional variational autoencoder for prediction and feature recovery applied to intrusion detection in IoT. Sensors, 17(9), 1967. doi: 10.3390/s17091967
  • Ma, T., Wang, F., Cheng, J., Yu, Y., & Chen, X. (2016). A hybrid spectral clustering and deep neural network ensemble algorithm for intrusion detection in sensor networks. Sensors, 16(10), 1701. https://doi.org/10.3390/s16101701
  • Ozgur, A. & Erdem, H. (2016). A review of KDD99 dataset usage in intrusion detection and machine learning between 2010 and 2015. PeerJ Prepr.
  • Pascanu, R., Stokes, J. W., Sanossian, H., Marinescu, M., & Thomas, A. (2015). Malware classification with recurrent networks. In ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing (1916-1920). doi: 10.1109/ICASSP.2015.7178304
  • Sandhiya, S., & Palani, U. (2020). An effective disease prediction system using incremental feature selection and temporal convolutional neural network. Journal of Ambient Intelligence and Humanized Computing, 11, 5547–5560. https://doi.org/10.1007/s12652-020-01910-6
  • Staudemeyer, R. C. (2015). Applying long short-term memory recurrent neural networks to intrusion detection. South African Computer Journal, 56, 136–154. doi: 10.18489/SACJ.V56I1.248
  • Su, T., Sun, H., Zhu, J., Wang, S., & Li, Y. (2020). BAT: Deep learning methods on network intrusion detection using NSL-KDD dataset. IEEE Access, 8, 29575–29585. doi: 10.1109/ACCESS.2020.2972627
  • Thapa, N., Liu, Z., KC, D. B., Gokaraju, B., & Roy, K. (2020). Comparison of machine learning and deep learning models for network intrusion detection systems. Future Internet, 12(10), 167. https://doi.org/10.3390/fi12100167
  • Vinayakumar, R., Alazab, M., Soman, K. P., Poornachandran, P., Al-Nemrat, A., & Venkatraman, S. (2019). Deep learning approach for intelligent intrusion detection system. IEEE Access, 7, 41525–41550. DOI: 10.1109/ACCESS.2017.2762418
  • Williams, R. J., & Zipser, D. (1995). Gradient-based learning algorithms for recurrent networks and their computational complexity. Backpropagation: Theory, Architectures, and Applications. 433-486.
  • Yan, J., Chen, X., Chen, Y., & Liang, D. (2020). Multistep prediction of land cover from dense time series remote sensing images with temporal convolutional networks, IEEE Journal of Selected Topics in Applied Earth Observations and Remote Sensing, 13, 5149-5161. doi: 10.1109/JSTARS.2020.3020839.
  • Yin, C., Zhu, Y., Fei, J., & He, X. (2017). A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access, 5, 21954–21961. doi: 10.1109/ACCESS.2017.2762418
  • You, J., Wang, Y., Pal, A., Eksombatchai, P., Rosenburg, C., & Leskovec, J. (2019). Hierarchical temporal convolutional networks for dynamic recommender systems. In The World Wide Web Conference (2236-2246). Association for Computing Machinery. https://doi.org/10.1145/3308558.3313747
Toplam 29 adet kaynakça vardır.

Ayrıntılar

Birincil Dil Türkçe
Konular Mühendislik
Bölüm Makaleler
Yazarlar

Berna Çakır 0000-0001-9610-459X

Pelin Angın 0000-0002-6419-2043

Yayımlanma Tarihi 31 Ocak 2021
Yayımlandığı Sayı Yıl 2021 Sayı: 22

Kaynak Göster

APA Çakır, B., & Angın, P. (2021). Zamansal Evrişimli Ağlarla Saldırı Tespiti: Karşılaştırmalı Bir Analiz. Avrupa Bilim Ve Teknoloji Dergisi(22), 204-211. https://doi.org/10.31590/ejosat.848784