Pelican: A Deep Residual Network for Network Intrusion Detection
- URL: http://arxiv.org/abs/2001.08523v7
- Date: Fri, 8 May 2020 12:27:42 GMT
- Title: Pelican: A Deep Residual Network for Network Intrusion Detection
- Authors: Peilun Wu, Hui Guo and Nour Moustafa
- Abstract summary: We propose a deep neural network, Pelican, that is built upon specially-designed residual blocks.
Pelican can achieve a high attack detection performance while keeping a much low false alarm rate.
- Score: 7.562843347215287
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: One challenge for building a secure network communication environment is how
to effectively detect and prevent malicious network behaviours. The abnormal
network activities threaten users' privacy and potentially damage the function
and infrastructure of the whole network. To address this problem, the network
intrusion detection system (NIDS) has been used. By continuously monitoring
network activities, the system can timely identify attacks and prompt
counter-attack actions. NIDS has been evolving over years. The
current-generation NIDS incorporates machine learning (ML) as the core
technology in order to improve the detection performance on novel attacks.
However, the high detection rate achieved by a traditional ML-based detection
method is often accompanied by large false-alarms, which greatly affects its
overall performance. In this paper, we propose a deep neural network, Pelican,
that is built upon specially-designed residual blocks. We evaluated Pelican on
two network traffic datasets, NSL-KDD and UNSW-NB15. Our experiments show that
Pelican can achieve a high attack detection performance while keeping a much
low false alarm rate when compared with a set of up-to-date machine learning
based designs.
Related papers
- SCGNet-Stacked Convolution with Gated Recurrent Unit Network for Cyber Network Intrusion Detection and Intrusion Type Classification [0.0]
Intrusion detection systems (IDSs) are far from being able to quickly and efficiently identify complex and varied network attacks.
The SCGNet is a novel deep learning architecture that we propose in this study.
It exhibits promising results on the NSL-KDD dataset in both task, network attack detection, and attack type classification with 99.76% and 98.92% accuracy, respectively.
arXiv Detail & Related papers (2024-10-29T09:09:08Z) - An anomaly detection approach for backdoored neural networks: face
recognition as a case study [77.92020418343022]
We propose a novel backdoored network detection method based on the principle of anomaly detection.
We test our method on a novel dataset of backdoored networks and report detectability results with perfect scores.
arXiv Detail & Related papers (2022-08-22T12:14:13Z) - An Overview of Backdoor Attacks Against Deep Neural Networks and
Possible Defences [33.415612094924654]
The goal of this paper is to review the different types of attacks and defences proposed so far.
In a backdoor attack, the attacker corrupts the training data so to induce an erroneous behaviour at test time.
Test time errors are activated only in the presence of a triggering event corresponding to a properly crafted input sample.
arXiv Detail & Related papers (2021-11-16T13:06:31Z) - Transferable Adversarial Examples for Anchor Free Object Detection [44.7397139463144]
We present the first adversarial attack on anchor-free object detectors.
We leverage high-level semantic information to efficiently generate transferable adversarial examples.
Our proposed method achieves state-of-the-art performance and transferability.
arXiv Detail & Related papers (2021-06-03T06:38:15Z) - TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack [46.79557381882643]
We present TANTRA, a novel end-to-end Timing-based Adversarial Network Traffic Reshaping Attack.
Our evasion attack utilizes a long short-term memory (LSTM) deep neural network (DNN) which is trained to learn the time differences between the target network's benign packets.
TANTRA achieves an average success rate of 99.99% in network intrusion detection system evasion.
arXiv Detail & Related papers (2021-03-10T19:03:38Z) - DualNet: Locate Then Detect Effective Payload with Deep Attention
Network [3.502112118170715]
We propose a novel neural network based intrusion detection system, DualNet, which is constructed with a general feature extraction stage and a crucial feature learning stage.
Our experiment shows that DualNet outperforms classical ML based NIDSs and is more effective than existing DL methods for NID in terms of accuracy, detection rate and false alarm rate.
arXiv Detail & Related papers (2020-10-23T05:32:21Z) - Experimental Review of Neural-based approaches for Network Intrusion
Management [8.727349339883094]
We provide an experimental-based review of neural-based methods applied to intrusion detection issues.
We offer a complete view of the most prominent neural-based techniques relevant to intrusion detection, including deep-based approaches or weightless neural networks.
Our evaluation quantifies the value of neural networks, particularly when state-of-the-art datasets are used to train the models.
arXiv Detail & Related papers (2020-09-18T18:32:24Z) - Defending Water Treatment Networks: Exploiting Spatio-temporal Effects
for Cyber Attack Detection [46.67179436529369]
Water Treatment Networks (WTNs) are critical infrastructures for local communities and public health, WTNs are vulnerable to cyber attacks.
We propose a structured anomaly detection framework to defend WTNs by modeling thetemporal characteristics of cyber attacks in WTNs.
arXiv Detail & Related papers (2020-08-26T15:56:55Z) - Enhancing Robustness Against Adversarial Examples in Network Intrusion
Detection Systems [1.7386735294534732]
RePO is a new mechanism to build an NIDS with the help of denoising autoencoders capable of detecting different types of network attacks in a low false alert setting.
Our evaluation shows denoising autoencoders can improve detection of malicious traffic by up to 29% in a normal setting and by up to 45% in an adversarial setting.
arXiv Detail & Related papers (2020-08-09T07:04:06Z) - Firearm Detection and Segmentation Using an Ensemble of Semantic Neural
Networks [62.997667081978825]
We present a weapon detection system based on an ensemble of semantic Convolutional Neural Networks.
A set of simpler neural networks dedicated to specific tasks requires less computational resources and can be trained in parallel.
The overall output of the system given by the aggregation of the outputs of individual networks can be tuned by a user to trade-off false positives and false negatives.
arXiv Detail & Related papers (2020-02-11T13:58:16Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.