Nearest cluster-based intrusion detection through convolutional neural networks 筆記

Nearest cluster-based intrusion detection through convolutional neural networks

技術要點

So, the primary innovation of this study is the definition of a new deep learning pipeline, that couples the characteristics of a target network flow to the characteristics of the neighbour of the flow under consideration, which belongs to the same class, as well as the characteristics of the neighbour that belongs to the opposite class of the target flow.

Another innovation is that this joint information – the characteristics of the network flows coupled to the characteristics of the neighbour flows – is represented as multiple rows of image-like 2D pixel grids, instead of being concatenated into 1D vectors.

However, to the best of our knowledge, none of the existing state-of-the-art algorithms propose a 2D representation of the network flows, which encodes the neighbouring informa- tion in the imaging step. On the other hand, this is one of the innovative contributions of this study,

Similarly to the above-mentioned studies, we also adopt clus- tering to speed up the computation. However, we pursue this speeding-up with respect to the imaging stage, while the related works listed above mainly use clustering to accelerate the deep learning stage, by reducing the volume of data processed to train the networks. We also perform experiments proving that the efficiency in our methodology is gained by preserving the accuracy of the final CNNs trained with the produced images.

是以，本研究的主要創新之處在于定義了一種新的深度學習管道，它将目标網絡流的特征與所考慮的同類别流的鄰居的特征相結合，以及屬于目标流相反類的鄰居的特性。

關鍵文獻

• Z. Li, Z. Qin, K. Huang, X. Yang, S. Ye, Intrusion detection using convolutional neural networks for representation learning, in: ICONIP, Springer International Publishing, 2017, pp. 858–866.
• T. Kim, S.C. Suh, H. Kim, J. Kim, J. Kim, An encoding technique for cnn-based network anomaly detection, in: 2018 IEEE International Conference on Big Data (Big Data), IEEE, 2018, pp. 2960–2965.
• K. He, X. Zhang, S. Ren, J. Sun, Deep residual learning for image recognition,in: 2016 IEEE Conference on Computer Vision and Pattern Recognition(CVPR), IEEE Computer Society, 2016, pp. 770–778.
• C. Szegedy, Wei Liu, Yangqing Jia, P. Sermanet, S. Reed, D. Anguelov, D.Erhan, V. Vanhoucke, A. Rabinovich, Going deeper with convolutions, in:2015 IEEE Conference on Computer Vision and Pattern Recognition (CVPR),IEEE, 2015, pp. 1–9.
• K. Millar, A. Cheng, H.G. Chew, C.-C. Lim, Using convolutional neural networks for classifying malicious network traffic, Deep Learn. Appl. Cyber Secur. (2019) 103–126.