Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
Springer Nature Link
Log in

NADSR: A Network Anomaly Detection Scheme Based on Representation

  • Conference paper
  • First Online:
Knowledge Science, Engineering and Management (KSEM 2020)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 12274))

Abstract

Deep learning has been widely used for identifying anomaly network traffic. It trains supervised classifiers on a pre-screened numerical traffic feature dataset in the most cases, so the classification effectiveness depends heavily on feature representation. There is no unified feature representation method, and the current feature representation methods cannot profile traffic precisely. Therefore, how to design a traffic feature representation method to profile traffic is challenging. We propose a Network Anomaly Detection Scheme based on data Representation (NADSR). Data representation method converts raw network traffic into images by treating every numerical feature value as an image pixel and then creating a circulant pixel matrix for a traffic sample. It retains the traffic feature’s spatial structure instead of padding empty pixels with constant values while directly reshaping a long feature vector into a pixel matrix. Experimental results verify the effectiveness of the proposed NADSR. It improves the overall detection accuracy compared with state-of-the-art methods, and also provides reference to solve security-related classification problems.

Supported by the Department of Science and Technology of Jilin Province grant NO. 20190302070GX, the Education Department of Jilin Province grant NO. JJKH20190598KJ, Jilin Education Science Planning Project (GH180148) and Jilin Province College and University “Golden Course” Plan Project (Network protocol and network virus virtual simulation experiment).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Summary of internet security situation in china in 2018, national computer network emergency technology processing and coordination center (2019). http://www.cac.gov.cn/2019-04/17/c_1124379080.htm

  2. Blanco, R., Malagón, P., Cilla, J.J., Moya, J.M.: Multiclass network attack classifier using CNN tuned with genetic algorithms. In: 28th International Symposium on Power and Timing Modeling, Optimization and Simulation (PATMOS), pp. 177–182. IEEE (2018). https://doi.org/10.1109/PATMOS.2018.8463997

  3. Khan, N.M., Madhav C, N., Negi, A., Thaseen, I.S.: Analysis on improving the performance of machine learning models using feature selection technique. In: Abraham, A., Cherukuri, A.K., Melin, P., Gandhi, N. (eds.) ISDA 2018 2018. AISC, vol. 941, pp. 69–77. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-16660-1_7

    Chapter  Google Scholar 

  4. Kwon, D., Natarajan, K., Suh, S.C., Kim, H., Kim, J.: An empirical study on network anomaly detection using convolutional neural networks. In: IEEE 38th International Conference on Distributed Computing Systems (ICDCS), pp. 1595–1598 (2018). https://doi.org/10.1109/ICDCS.2018.00178

  5. Kwon, D., Kim, H., Kim, J., Suh, S.C., Kim, I., Kim, K.J.: A survey of deep learning-based network anomaly detection. Cluster Comput. 22(1), 949–961 (2017). https://doi.org/10.1007/s10586-017-1117-8

    Article  Google Scholar 

  6. Li, Z., Qin, Z., Huang, K., Yang, X., Ye, S.: Intrusion detection using convolutional neural networks for representation learning. In: Liu, D., Xie, S., Li, Y., Zhao, D., El-Alfy, E.-S.M. (eds.) ICONIP 2017. LNCS, vol. 10638, pp. 858–866. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70139-4_87

    Chapter  Google Scholar 

  7. Liu, H., Lang, B., Liu, M., Yan, H.: CNN and RNN based payload classification methods for attack detection. Knowl. Based Syst. 163, 1–10 (2018). https://doi.org/10.1016/j.knosys.2018.08.036

    Article  Google Scholar 

  8. Luo, X., Di, X., Liu, X., Qi, H., Li, J., Cong, L., Yang, H.: Anomaly detection for application layer user browsing behavior based on attributes and features, vol. 1069, pp. 1–9. Elsevier, Suzhou (2018). https://doi.org/10.1088/1742-6596/1069/1/012072

  9. Moustafa, N., Slay, J.: UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: Military Communications and Information Systems Conference (2015). https://doi.org/10.1109/MilCIS.2015.7348942

  10. Nsunza, W.W., Tetteh, A.Q.R., Hei, X.: Accelerating a secure programmable edge network system for smart classroom. In: IEEE SmartWorld, Ubiquitous Intelligence and Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People and Smart City Innovation, pp. 1384–1389. IEEE (2018). https://doi.org/10.1109/SmartWorld.2018.00240

  11. Potluri, S., Ahmed, S., Diedrich, C.: Convolutional neural networks for multi-class intrusion detection system. In: Groza, A., Prasath, R. (eds.) MIKE 2018. LNCS (LNAI), vol. 11308, pp. 225–238. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-05918-7_20

    Chapter  Google Scholar 

  12. Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD cup 99 data set. In: IEEE International Conference on Computational Intelligence for Security and Defense Applications (2009). https://doi.org/10.1109/CISDA.2009.5356528

  13. Vinayakumar, R., Alazab, M., Soman, K.P., Poornachandran, P., Al-Nemrat, A., Venkatraman, S.: Deep learning approach for intelligent intrusion detection system. IEEE Access 7, 41525–41550 (2019). https://doi.org/10.1109/ACCESS.2019.2895334

    Article  Google Scholar 

  14. Vinayakumar, R., Soman, K., Poornachandran, P.: Applying convolutional neural network for network intrusion detection. In: International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp. 1222–1228. IEEE (2017). https://doi.org/10.1109/ICACCI.2017.8126009

  15. Wu, K., Chen, Z., Li, W.: A novel intrusion detection model for a massive network using convolutional neural networks. IEEE Access 6, 50850–50859 (2018). https://doi.org/10.1109/ACCESS.2018.2868993

    Article  Google Scholar 

  16. Xie, K., Li, X., Xin, W., Cao, J., Zheng, Q.: On-line anomaly detection with high accuracy. IEEE/ACM Trans. Netw. 26(3), 1222–1235 (2018). https://doi.org/10.1109/TNET.2018.2819507

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science and Technology, Changchun University of Science and Technology, Changchun, 130022, China

    Xu Liu, Xiaoqiang Di, Weiyou Liu, Xingxu Zhang, Hui Qi, Jinqing Li, Jianping Zhao & Huamin Yang

  2. Jilin Province Key Laboratory of Network and Information Security, Changchun, 130022, China

    Xu Liu, Xiaoqiang Di, Hui Qi, Jinqing Li, Jianping Zhao & Huamin Yang

  3. Information Center, Changchun University of Science and Technology, Changchun, 130022, China

    Xiaoqiang Di

Authors
  1. Xu Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Xiaoqiang Di
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Weiyou Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Xingxu Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Hui Qi
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Jinqing Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Jianping Zhao
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. Huamin Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Xiaoqiang Di .

Editor information

Editors and Affiliations

  1. Deakin University, Geelong, VIC, Australia

    Gang Li

  2. University of Electronic Science and Technology of China, Chengdu, China

    Heng Tao Shen

  3. Beijing Institute of Technology, Beijing, China

    Ye Yuan

  4. Zhejiang Gongshang University, Hangzhou, China

    Xiaoyang Wang

  5. Zhejiang Normal University, Jinhua, China

    Huawen Liu

  6. National University of Defense Technology, Changsha, China

    Xiang Zhao

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Liu, X. et al. (2020). NADSR: A Network Anomaly Detection Scheme Based on Representation. In: Li, G., Shen, H., Yuan, Y., Wang, X., Liu, H., Zhao, X. (eds) Knowledge Science, Engineering and Management. KSEM 2020. Lecture Notes in Computer Science(), vol 12274. Springer, Cham. https://doi.org/10.1007/978-3-030-55130-8_33

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-55130-8_33

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-55129-2

  • Online ISBN: 978-3-030-55130-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation