Final published version
Research output: Contribution to Journal/Magazine › Journal article › peer-review
Research output: Contribution to Journal/Magazine › Journal article › peer-review
}
TY - JOUR
T1 - Convolutional neural network-based high-precision and speed detection system on CIDDS-001
AU - Daoud, Mohamed_Amine
AU - Dahmani, Youcef
AU - Bendaoud, Mebarek
AU - Ouared, Abdelkader
AU - Ahmed, Hasan
PY - 2023/3/31
Y1 - 2023/3/31
N2 - The growing interconnection of complex infrastructures gives very advanced communication functionalities, which gives a massive increase in connected devices and an associated flow volume. Cloud computing is constantly threatened by sophisticated attacks, which poses challenges for a security system. The Cloud will obsolete existing detection procedures against cyber-attacks where they would not be adapted accordingly. Intrusion detection is a classification problem wherein various machine learning and data mining techniques are applied to classify the network data into normal and attack traffic. Therefore, the proposal of new rapid and effective detection approaches is an absolute necessity. In this work, a proposed framework is a network anomaly detection system based on Deep Learning. The analysis carried out was based on the hyper-parameters of the layers of our model. This proposed model is a combination of two techniques; namely, a reduction of dimensions based on the approach of the main components and the second is based on a dense supervised neural network based on convolution neural network (CNN) for a multi-classification of normal and intrusive events from a recent data-set Coburg Network Intrusion Detection data-set (CIDDS-001). The experiments carried out show that the very precise choice of hyper-parameters gives better results. By running the proposed CNN model, it is capable of detecting attacks with an accuracy of 99.13 % and an execution time of 12 s.
AB - The growing interconnection of complex infrastructures gives very advanced communication functionalities, which gives a massive increase in connected devices and an associated flow volume. Cloud computing is constantly threatened by sophisticated attacks, which poses challenges for a security system. The Cloud will obsolete existing detection procedures against cyber-attacks where they would not be adapted accordingly. Intrusion detection is a classification problem wherein various machine learning and data mining techniques are applied to classify the network data into normal and attack traffic. Therefore, the proposal of new rapid and effective detection approaches is an absolute necessity. In this work, a proposed framework is a network anomaly detection system based on Deep Learning. The analysis carried out was based on the hyper-parameters of the layers of our model. This proposed model is a combination of two techniques; namely, a reduction of dimensions based on the approach of the main components and the second is based on a dense supervised neural network based on convolution neural network (CNN) for a multi-classification of normal and intrusive events from a recent data-set Coburg Network Intrusion Detection data-set (CIDDS-001). The experiments carried out show that the very precise choice of hyper-parameters gives better results. By running the proposed CNN model, it is capable of detecting attacks with an accuracy of 99.13 % and an execution time of 12 s.
KW - Convolution neural network
KW - Evaluation metric
KW - Classification
KW - Anomaly
KW - Principal component analysis
U2 - 10.1016/j.datak.2022.102130
DO - 10.1016/j.datak.2022.102130
M3 - Journal article
VL - 144
JO - Data and Knowledge Engineering
JF - Data and Knowledge Engineering
SN - 0169-023X
M1 - 102130
ER -