Scientific journal article Q2
Deep learning model transposition for network intrusion detection systems
João Figueiredo (Figueiredo, J.); Carlos Serrão (Serrão, C.); Ana de Almeida (de Almeida, A.);
Journal Title
Electronics
Year (definitive publication)
2023
Language
English
Country
Switzerland
More Information
Web of Science®

Number of citations: 10

(Last checked: 2024-11-04 23:08)



: 3.8
Scopus

Number of citations: 18

(Last checked: 2024-11-01 09:30)



: 5.2
Google Scholar

Number of citations: 20

(Last checked: 2024-11-01 17:20)


Abstract
Companies seek to promote a swift digitalization of their business processes and new disruptive features to gain an advantage over their competitors. This often results in a wider attack surface that may be exposed to exploitation from adversaries. As budgets are thin, one of the most popular security solutions CISOs choose to invest in is Network-based Intrusion Detection Systems (NIDS). As anomaly-based NIDS work over a baseline of normal and expected activity, one of the key areas of development is the training of deep learning classification models robust enough so that, given a different network context, the system is still capable of high rate accuracy for intrusion detection. In this study, we propose an anomaly-based NIDS using a deep learning stacked-LSTM model with a novel pre-processing technique that gives it context-free features and outperforms most related works, obtaining over 99% accuracy over the CICIDS2017 dataset. This system can also be applied to different environments without losing its accuracy due to its basis on context-free features. Moreover, using synthetic network attacks, it has been shown that this NIDS approach can detect specific categories of attacks.
Acknowledgements
We would like to thank the research environment provided by the Information Sciences, Technologies, and Architecture Research Center (ISTAR), supported by Fundação para a Ciência e a Tecnologia (FCT), Portugal, under projects UIDB/04466/2020 and UIDP/0446
Keywords
Network intrusion detection system (NIDS), Intrusion detection, Anomaly detection, Deep learning (DL), Long short-term memory (LSTM)
  • Computer and Information Sciences - Natural Sciences
  • Physical Sciences - Natural Sciences
  • Civil Engineering - Engineering and Technology
  • Electrical, Electronic and Information Engineering - Engineering and Technology
Funding Records
Funding Reference Funding Entity
UIDB/04466/2020 Fundação para a Ciência e a Tecnologia
UIDP/04466/2020 Fundação para a Ciência e a Tecnologia
Related Projects

This publication is an output of the following project(s):