Time-Series Modeling for Intrusion Detection Systems

  • Conference paper
Distributed Computing and Artificial Intelligence, 20th International Conference (DCAI 2023)

Abstract

The advent of computer networks and the Internet has drastically altered the means by which we share information and interact with each other. However, this technological advancement has also created room for malevolent behaviour, where individuals exploit weak points with the intent of gaining access to confidential data, blocking activity, and so on. To this end, intrusion detection systems (IDS) are needed to filter malicious traffic and prevent common attacks. In the past, these systems relied on a fixed set of rules or comparison with previous attacks. However, with the increased availability of computational power and data, machine learning has emerged as a promising solution for this task. While many systems now use this methodology in real time for a reactive approach to mitigation, we aim to explore the potential of configuring it as a proactive time-series prediction. In this work, we delve into this possibility further. More specifically, we convert a classic IDS dataset to a time-series format and use predictive models to forecast forthcoming malicious packets. The findings indicate that our model performs strongly, exhibiting accuracy that is within a 4% margin when compared to conventional real-time detection.

Notes

  1. https://www.kaggle.com/datasets/sampadab17/network-intrusion-detection

Acknowledgements

This work was funded by the H2020 CyberSEAS project, contract no. 101020560, within the H2020 Framework Program of the European Commission.

Corresponding author

Correspondence to Konstantinos Psychogyios.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Psychogyios, K., Bourou, S., Papadakis, A., Nikolaou, N., Zahariadis, T. (2023). Time-Series Modeling for Intrusion Detection Systems. In: Ossowski, S., Sitek, P., Analide, C., Marreiros, G., Chamoso, P., Rodríguez, S. (eds) Distributed Computing and Artificial Intelligence, 20th International Conference. DCAI 2023. Lecture Notes in Networks and Systems, vol 740. Springer, Cham. https://doi.org/10.1007/978-3-031-38333-5_1
