Preprint Article Version 1 Preserved in Portico This version is not peer-reviewed

Intelligent Cyber-Attack Detection and Classification for Network-based Intrusion Detection Systems

Version 1 : Received: 11 December 2020 / Approved: 14 December 2020 / Online: 14 December 2020 (09:36:58 CET)

How to cite: Oliveira, N.; Praça, I.; Maia, E.; Sousa, O. Intelligent Cyber-Attack Detection and Classification for Network-based Intrusion Detection Systems. Preprints 2020, 2020120315 (doi: 10.20944/preprints202012.0315.v1). Oliveira, N.; Praça, I.; Maia, E.; Sousa, O. Intelligent Cyber-Attack Detection and Classification for Network-based Intrusion Detection Systems. Preprints 2020, 2020120315 (doi: 10.20944/preprints202012.0315.v1).

Abstract

With the latest advances in information and communication technologies, greater amounts of sensitive user and corporate information are constantly shared across the network making it susceptible to an attack that can compromise data confidentiality, integrity and availability. Intrusion Detection Systems (IDS) are important security mechanisms that can perform a timely detection of malicious events through the inspection of network traffic or host-based logs. Throughout the years, many machine learning techniques have proven to be successful at conducting anomaly detection but only a few considered the sequential nature of data. This work proposes a sequential approach and evaluates the performance of a Random Forest (RF), a Multi-Layer Perceptron (MLP) and a Long-Short Term Memory (LSTM) on the CIDDS-001 dataset. The resulting performance measures of this particular approach are compared with the ones obtained from a more traditional one, that only considers individual flow information, in order to determine which methodology best suits the concerned scenario. The experimental outcomes lead to believe that anomaly detection can be better addressed from a sequential perspective and that the LSTM is a very reliable model for acquiring sequential patterns in network traffic data, achieving an accuracy of 99.94% and a f1-score of 91.66%.

Subject Areas

Intrusion Detection Systems; Anomaly detection; Sequential analysis; Random Forest; Multi-Layer Perceptron; Long-Short Term Memory

Comments (0)

We encourage comments and feedback from a broad range of readers. See criteria for comments and our diversity statement.

Leave a public comment
Send a private comment to the author(s)
Views 0
Downloads 0
Comments 0
Metrics 0


×
Alerts
Notify me about updates to this article or when a peer-reviewed version is published.
We use cookies on our website to ensure you get the best experience.
Read more about our cookies here.