The volume of network and Internet traffic is expanding daily, with data being created at the zettabyte to petabyte scale at an exceptionally high rate. These can be characterized as big data, because they are large in volume, variety, velocity, and veracity. Security threats to networks, the Internet, websites, and organizations are growing alongside this growth in usage. Detecting intrusions in such a big data environment is difficult. Various intrusion-detection systems (IDSs) using artificial intelligence or machine learning have been proposed for different types of network attacks, but most of these systems either cannot recognize unknown attacks or cannot respond to such attacks in real time. Deep learning models, recently applied to large-scale big data analysis, have shown remarkable performance in general but have not been examined for detection of intrusions in a big data environment. This paper proposes a hybrid deep learning model to efficiently detect network intrusions based on a convolutional neural network (CNN) and a weight-dropped, long short-term memory (WDLSTM) network. We use the deep CNN to extract meaningful features from IDS big data and WDLSTM to retain long-term dependencies among extracted features to prevent overfitting on recurrent connections. The proposed hybrid method was compared with traditional approaches in terms of performance on a publicly available dataset, demonstrating its satisfactory performance.

A hybrid deep learning model for efficient intrusion detection in big data environment

Fortino G.
2020

Abstract

The volume of network and Internet traffic is expanding daily, with data being created at the zettabyte to petabyte scale at an exceptionally high rate. These can be characterized as big data, because they are large in volume, variety, velocity, and veracity. Security threats to networks, the Internet, websites, and organizations are growing alongside this growth in usage. Detecting intrusions in such a big data environment is difficult. Various intrusion-detection systems (IDSs) using artificial intelligence or machine learning have been proposed for different types of network attacks, but most of these systems either cannot recognize unknown attacks or cannot respond to such attacks in real time. Deep learning models, recently applied to large-scale big data analysis, have shown remarkable performance in general but have not been examined for detection of intrusions in a big data environment. This paper proposes a hybrid deep learning model to efficiently detect network intrusions based on a convolutional neural network (CNN) and a weight-dropped, long short-term memory (WDLSTM) network. We use the deep CNN to extract meaningful features from IDS big data and WDLSTM to retain long-term dependencies among extracted features to prevent overfitting on recurrent connections. The proposed hybrid method was compared with traditional approaches in terms of performance on a publicly available dataset, demonstrating its satisfactory performance.
Big data; Convolution neural network; Deep learning; Intrusion detection; Weight-dropped long short-term memory network
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.11770/296788
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 118
  • ???jsp.display-item.citation.isi??? 96
social impact