MCGAN: Modified Conditional Generative Adversarial Network (MCGAN) for Class Imbalance Problems in Network Intrusion Detection System
Abstract
:1. Introduction
- A novel technique, namely the modified conditional generative adversarial network (MCGAN), is introduced to get rid of the class disparity issue.
- A linear correlation-based feature selection method was introduced to select the significant features, and the Bi-LSTM technique was used to classify the sub-class of intrusion.
- The proposed technique experimented on NSL-KDD+ datasets. We analyzed the efficiency of attack detection with measurable estimations.
- The outcome of the proposed technique is associated with traditional techniques under various modified features to validate the system’s efficacy.
2. Literature Survey
3. Preliminaries
3.1. Problem Definition
3.2. Dataset: NSL-KDD
4. Proposed Methodology
4.1. Data Preprocessing
4.2. Modified Conditional Generative Adversarial Network (MCGAN)
4.3. Feature Selection
4.4. Bidirectional Long Short-Term Memory (Bi-LSTM) Technique
Algorithm 1: Training procedure for Bi-LSTM model |
|
5. Experimentation and Result Analysis
5.1. Experimental Setup
5.2. Performance Metrics
5.3. Result Analysis
5.4. Comparative Analysis of Proposed Model
6. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Scarfone, K.; Mell, P.M. Guide to Intrusion Detection and Prevention Systems (IDPS); U.S. Department of Commerce: Washington, DC, USA, 2007. [Google Scholar] [CrossRef]
- Salo, F.; Nassif, A.B.; Essex, A. Dimensionality reduction with IG-PCA and ensemble classifier for network intrusion detection. Comput. Networks 2019, 148, 164–175. [Google Scholar]
- Revathi, S.; Malathi, A. A detailed analysis on NSL-KDD dataset using various machine learning techniques for intrusion detection. Int. J. Eng. Res. Technol. 2013, 2, 1848–1853. [Google Scholar]
- Gu, J.; Wang, L.; Wang, H.; Wang, S. A novel approach to intrusion detection using SVM ensemble with feature augmentation. Comput. Secur. 2019, 86, 53–62. [Google Scholar] [CrossRef]
- Dhaliwal, S.S.; Nahid, A.-A.; Abbas, R. Effective Intrusion Detection System Using XGBoost. Information 2018, 9, 149. [Google Scholar] [CrossRef] [Green Version]
- Sharmila, B.S.; Nagapadma, R. Intrusion detection system using Naive Bayes algorithm. In Proceedings of the 2019 IEEE International WIE Conference on Electrical and Computer Engineering (WIECON-ECE), Bangalore, India, 15 November 2019; pp. 1–4. [Google Scholar]
- Rao, B.B.; Swathi, K. Fast kNN Classifiers for Network Intrusion Detection System. Indian J. Sci. Technol. 2017, 10, 1–10. [Google Scholar] [CrossRef]
- Jabbar, M.; Aluvalu, R. RFAODE: A Novel Ensemble Intrusion Detection System. Procedia Comput. Sci. 2017, 115, 226–234. [Google Scholar] [CrossRef]
- Yin, C.; Zhu, Y.; Fei, J.; He, X. A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks. IEEE Access 2017, 5, 21954–21961. [Google Scholar] [CrossRef]
- Shettar, P.; Kachavimath, A.V.; Mulla, M.M.; Hanchinmani, G. Intrusion detection system using MLP and chaotic neural networks. In Proceedings of the 2021 International Conference on Computer Communication and Informatics (ICCCI), Virtual, 27 January 2021; pp. 1–4. [Google Scholar]
- Sun, P.; Liu, P.; Li, Q.; Liu, C.; Lu, X.; Hao, R.; Chen, J. DL-IDS: Extracting Features Using CNN-LSTM Hybrid Network for Intrusion Detection System. Secur. Commun. Networks 2020, 2020, 1–11. [Google Scholar] [CrossRef]
- Rodda, S.; Erothi, U.S.R. Class imbalance problem in the Network Intrusion Detection Systems. IEEE 2016, 775, 2685–2688. [Google Scholar] [CrossRef]
- Ahmad, Z.; Shahid Khan, A.; Wai Shiang, C.; Abdullah, J.; Ahmad, F. Network intrusion detection system: A systematic study of machine learning and deep learning approaches. Trans. Emerg. Telecommun. Technol. 2021, 32, e4150. [Google Scholar] [CrossRef]
- Yang, J.; Li, T.; Liang, G.; He, W.; Zhao, Y. A Simple Recurrent Unit Model Based Intrusion Detection System With DCGAN. IEEE Access 2019, 7, 83286–83296. [Google Scholar] [CrossRef]
- Wang, X.; Zhao, Y.; Pourpanah, F. Recent advances in deep learning. Int. J. Mach. Learn. Cybernetics. 2020, 11, 747–750. [Google Scholar] [CrossRef] [Green Version]
- Marir, N.; Wang, H.; Feng, G.; Li, B.; Jia, M. Distributed Abnormal Behavior Detection Approach Based on Deep Belief Network and Ensemble SVM Using Spark. IEEE Access 2018, 6, 59657–59671. [Google Scholar] [CrossRef]
- Vinayakumar, R.; Alazab, M.; Soman, K.P.; Poornachandran, P.; Al-Nemrat, A.; Venkatraman, S. Deep learning approach for intelligent intrusion detection system. Ieee Access 2019, 7, 41525–41550. [Google Scholar] [CrossRef]
- Bedi, P.; Gupta, N.; Jindal, V. Siam-IDS: Handling class imbalance problem in intrusion detection systems using siamese neural network. Procedia Comput. Sci. 2020, 171, 780–789. [Google Scholar] [CrossRef]
- Bedi, P.; Gupta, N.; Jindal, V. I-SiamIDS: An improved Siam-IDS for handling class imbalance in network-based intrusion detection systems. Appl. Intelligence 2021, 51, 1133–1151. [Google Scholar] [CrossRef]
- Gupta, N.; Jindal, V.; Bedi, P. LIO-IDS: Handling class imbalance using LSTM and improved one-vs-one technique in intrusion detection system. Comput. Networks 2021, 192, 108076. [Google Scholar] [CrossRef]
- Tang, T.A.; Mhamdi, L.; McLernon, D.; Zaidi, S.A.; Ghogho, M. Deep learning approach for network intrusion detection in software defined networking. In Proceedings of the 2016 International Conference on Wireless Networks and Mobile Communications (WINCOM), Fez, Morocco, 26 October 2016; pp. 258–263. [Google Scholar]
- Wang, W.; Sheng, Y.; Wang, J.; Zeng, X.; Ye, X.; Huang, Y.; Zhu, M. HAST-IDS: Learning Hierarchical Spatial-Temporal Features Using Deep Neural Networks to Improve Intrusion Detection. IEEE Access 2017, 6, 1792–1806. [Google Scholar] [CrossRef]
- Ngueajio, M.K.; Washington, G.; Rawat, D.B.; Ngueabou, Y. Intrusion Detection Systems Using Support Vector Machines on the KDDCUP’99 and NSL-KDD Datasets: A Comprehensive Survey. In Proceedings of the 2022 Intelligent Systems Conference (IntelliSys), Amsterdam, The Netherlands, 2–3 September 2021; Volume 2, pp. 609–629. [Google Scholar]
- Devarakonda, A.; Sharma, N.; Saha, P.; Ramya, S. Network intrusion detection: A comparative study of four classifi-ers using the NSL-KDD and KDD’99 datasets. J. Phys. Conf. Ser. 2022, 2161, 012043. [Google Scholar]
- Kilincer, I.F.; Ertam, F.; Sengur, A. A comprehensive intrusion detection framework using boosting algorithms. Comput. Electr. Eng. 2022, 100, 107869. [Google Scholar] [CrossRef]
- Tavallaee, M.; Bagheri, E.; Lu, W.; Ghorbani, A.A. A detailed analysis of the KDD CUP 99 data set. In Proceedings of the 2009 IEEE symposium on computational intelligence for security and defense applications, Ottawa, ON, Canada, 8 July 2009; pp. 1–6. [Google Scholar]
- Zhang, G.; Wang, X.; Li, R.; Song, Y.; He, J.; Lai, J. Network intrusion detection based on conditional Wasserstein generative adversarial network and cost-sensitive stacked autoencoder. IEEE Access 2020, 8, 190431–190447. [Google Scholar]
- Lee, J.; Park, K. AE-CGAN Model based High Performance Network Intrusion Detection System. Appl. Sci. 2019, 9, 4221. [Google Scholar] [CrossRef] [Green Version]
- Murugan, P.; Durairaj, S. Regularization and optimization strategies in deep convolutional neural network. arXiv 2017, arXiv:1712.04711. [Google Scholar]
- Staudemeyer, R.C.; Morris, E.R. Understanding LSTM—A tutorial into long short-term memory recurrent neural networks. arXiv 2019, arXiv:1909.09586. [Google Scholar]
- Ambusaidi, M.A.; Xiangjian, H.; Priyadarsi, N.; Zhiyuan, T. Building an intrusion detection system using a filter-based feature selection algorithm. IEEE Trans. Comput. 2016, 65, 2986–2998. [Google Scholar] [CrossRef] [Green Version]
- Lin, Y.; Wang, J.; Tu, Y.; Chen, L.; Dou, Z. Time-Related Network Intrusion Detection Model: A Deep Learning Method. In Proceedings of the 2019 IEEE Global Communications Conference (GLOBECOM), Waikoloa, HI, USA, 9–13 December 2019. [Google Scholar] [CrossRef]
Dataset with Features | Class | Precision | Recall | FPR | Specificity | F1-Score |
---|---|---|---|---|---|---|
NSL-KDD+ | Normal | 92.04% | 93.45% | 4.57% | 96.47% | 95.78% |
DoS | 93.51% | 92.74% | 0.87% | 97.54% | 94.31% | |
Probe | 91.78% | 90.27% | 2.14% | 98.12% | 84.87% | |
R2L | 90.47% | 94.12% | 0.51% | 95.97% | 94.57% | |
U2R | 88.54% | 84.54% | 0.69% | 89.78% | 81.45% | |
NSL-KDD+20 | Normal | 93.80% | 94.12% | 4.14% | 96.89% | 96.91% |
DoS | 94.21% | 91.54% | 0.74% | 98.57% | 94.87% | |
Probe | 92.54% | 89.71% | 2.45% | 98.90% | 85.74% | |
R2L | 89.12% | 93.74% | 0.47% | 94.78% | 95.71% | |
U2R | 86.87% | 85.78% | 0.71% | 88.74% | 82.67% |
Algorithms | NSL-KDD+ | NSL-KDD+20 | ||||||
---|---|---|---|---|---|---|---|---|
Precision | Recall | FPR | F1-Score | Precision | Recall | FPR | F1-Score | |
LSSVM-IDS | 52.74% | 52.89% | 8.78% | 53.17% | 55.78% | 55.91% | 7.14% | 55.88% |
AE-CGAN-RF | 64.94% | 65.06% | 5.17% | 64.62% | 67.23% | 67.98% | 4.97% | 67.57% |
RNN-IDS | 82.14% | 82.77% | 3.47% | 81.76% | 85.04% | 85.87% | 3.01% | 84.97% |
SSAE-LSTM | 84.17% | 86.16% | 2.74% | 84.87% | 88.54% | 89.03% | 2.14% | 88.67% |
Proposed model | 91.94% | 92.05% | 1.85% | 91.88% | 95.42% | 96.07% | 1.06% | 95.78% |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Babu, K.S.; Rao, Y.N. MCGAN: Modified Conditional Generative Adversarial Network (MCGAN) for Class Imbalance Problems in Network Intrusion Detection System. Appl. Sci. 2023, 13, 2576. https://doi.org/10.3390/app13042576
Babu KS, Rao YN. MCGAN: Modified Conditional Generative Adversarial Network (MCGAN) for Class Imbalance Problems in Network Intrusion Detection System. Applied Sciences. 2023; 13(4):2576. https://doi.org/10.3390/app13042576
Chicago/Turabian StyleBabu, Kunda Suresh, and Yamarthi Narasimha Rao. 2023. "MCGAN: Modified Conditional Generative Adversarial Network (MCGAN) for Class Imbalance Problems in Network Intrusion Detection System" Applied Sciences 13, no. 4: 2576. https://doi.org/10.3390/app13042576
APA StyleBabu, K. S., & Rao, Y. N. (2023). MCGAN: Modified Conditional Generative Adversarial Network (MCGAN) for Class Imbalance Problems in Network Intrusion Detection System. Applied Sciences, 13(4), 2576. https://doi.org/10.3390/app13042576