SpringerLink
Log in

Real-time intrusion detection based on residual learning through ResNet algorithm

  • Original article
  • Published:
International Journal of System Assurance Engineering and Management Aims and scope Submit manuscript

Abstract

Over the years, attacks from the Internet have grown more advanced and can bypass simple security measures like antivirus scanners and firewalls. With the rapid development of systems administration applications and software-based frameworks, the need to develop better security strategies for defending against digital attacks has become acute. Identifying, detecting, and preventing intrusions are critical for network security in today's connected world of computation. A potential way to enhance network protection is to include an alternative layer to defend the network framework through intrusion detection system (IDS). This paper defines a model for IDS based on a deep learning strategy. The model employs ResNet50, which is 50 layers deep, a convolutional neural network. ResNet offers advancement over the conventional machine learning methods that do not suffice to reduce the false alarm rate. The proposed IDS model aims to detect intrusions by categorizing all network packets into normal or malicious groups. During the experimental work, the proposed model is trained and validated using three datasets: the network security laboratory knowledge discovery in databases, the CICIDS2017 dataset from the Canadian Institute for Cyber Security Intrusion Detection System, and the UNSW Canberra, Australia (UNSW2015) dataset from the University of New South Wales (UNSW). The model's overall accuracy, recall, precision and F1 score have been measured and substantiated with the ROC curve. Later the performance of the model is further confirmed by comparing it with seven other well-known machine learning classifiers that include Naïve Bayes, support vector machine, AdaBoost, k-nearest neighbour, random forest, decision tree and linear regression. Accuracy rate as high as 97.65% emphasizes that the proposed model has great potential in outperforming the existing methods.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  • Abraham A, Jain R, Thomas J, Han SY (2007) D-SCIDS: distributed soft computing intrusion detection system. J Netw Comput Appl 30(1):81–98 (ISSN 1084-8045)

    Article  Google Scholar 

  • Azizjon M, Jumabek A, Kim W (2020) 1D CNN based network intrusion detection with normalization on imbalanced data. In: 2020 International conference on artificial intelligence in information and communication (ICAIIC), Fukuoka, Japan. pp 218–224. https://doi.org/10.1109/ICAIIC48513.2020.9064976

  • Belgrana FZ, Benamrane N, Hamaida MA, Mohamed Chaabani A, Taleb-Ahmed A (2021) Network intrusion detection system using neural network and condensed nearest neighbors with selection of NSL-KDD influencing features. In: 2020 IEEE international conference on internet of things and intelligence system (IoTaIS), BALI, Indonesia. pp 23–29. https://doi.org/10.1109/IoTaIS50849.2021.9359689

  • Boukhamla A, Coronel J (2018) Cicids 2017 dataset: performance improvements and validation as a robust intrusion detection system testbed. Int J Inf Comput Secur (2018) 3. Cyber intelligence (CI) for cybersecurity: network traffic flow analyzer, March 2018. http://www.netflowmeter.ca/netflowmeter.html

  • Bouyeddou B, Kadri B, Harrou F, Sun Y (2020) DDOS-attacks detection using an efficient measurement-based statistical mechanism. Eng Sci Technol Int J 23(4):870–878 (ISSN 2215-0986)

    Google Scholar 

  • Devan P, Khare N (2020) An efficient XGBoost–DNN-based classification model for network intrusion detection system. Neural Comput Appl 32:12499–12514. https://doi.org/10.1007/s00521-020-04708-x

    Article  Google Scholar 

  • Duo R, Nie X, Yang N, Yue C, Wang Y (2021) Anomaly detection and attack classification for train real-time ethernet. IEEE Access 9:22528–22541. https://doi.org/10.1109/ACCESS.2021.3055209

    Article  Google Scholar 

  • Haghighat MH, Li J (2021) Intrusion detection system using voting-based neural network. Tsinghua Sci Technol 26(4):484–495. https://doi.org/10.26599/TST.2020.9010022

    Article  Google Scholar 

  • Ho S, Jufout SA, Dajani K, Mozumdar M (2021) A novel intrusion detection model for detecting known and innovative cyberattacks using convolutional neural network. IEEE Open J Comput Soc 2:14–25. https://doi.org/10.1109/OJCS.2021.3050917

    Article  Google Scholar 

  • Hussain F, Abbas SG, Husnain M, Fayyaz UU, Shahzad F, Shah GA (2020) IoT DoS and DDoS attack detection using ResNet. In: 2020 IEEE 23rd international multitopic conference (INMIC), Bahawalpur, Pakistan. pp 1–6. https://doi.org/10.1109/INMIC50486.2020.9318216

  • Hwang K, Cai M, Chen Y, Qin M (2007) Hybrid intrusion detection with weighted signature generation over anomalous internet episodes. IEEE Trans Dependable Secure Comput 4(1):41–55

    Article  Google Scholar 

  • Jabez J, Muthukumar B (2015) Intrusion detection system (IDS): anomaly detection using outlier detection approach. Procedia Comput Sci 48:338–346 (ISSN 1877-0509)

    Article  Google Scholar 

  • Jiang K, Wang W, Wang A, Wu H (2020) Network intrusion detection combined hybrid sampling with deep hierarchical network. IEEE Access 8:32464–32476. https://doi.org/10.1109/ACCESS.2020.2973730

    Article  Google Scholar 

  • Li X et al (2021) Sustainable ensemble learning driving intrusion detection model. IEEE Trans Dependable and Secure Comput. https://doi.org/10.1109/TDSC.2021.3066202

    Article  Google Scholar 

  • Liao H-J, Lin C-HR, Lin Y-C, Tung K-Y (2018) Intrusion detection system: a comprehensive review. J Netw Comput Appl 36(1):16–24. ISSN 1084-8045. Cyber intelligence (CI) for cybersecurity: intrusion detection evaluation dataset (cicids2017), March 2018. https://www.unb.ca/cic/datasets/ids-2017.html

  • Lin W, Lin H, Wang P, Wu B, Tsai J (2018) Using convolutional neural networks to network intrusion detection for cyber threats. In: 2018 IEEE international conference on applied system invention (ICASI), Chiba. pp 1107–1110

  • Man J, Sun G (2021) A residual learning-based network intrusion detection system. Secur Commun Netw 2021:9. https://doi.org/10.1155/2021/5593435

    Article  Google Scholar 

  • Moustafa N, Slay J (2015) UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: Military communications and information systems conference (MilCIS). IEEE

  • Niyaz Q, Javaid AY, Sun W, Alam M (2015) A deep learning approach for NIDS. In: 9th EAI international conference on bio-inspired information and communications technologies, at New York

  • Park S, Kim M, Lee S (2018) Anomaly detection for HT%MCEPASTEBIN%TP using convolutional autoencoders. IEEE Access 6:70884–70901. https://doi.org/10.1109/ACCESS.2018.2881003

    Article  Google Scholar 

  • Seo W, Pak W (2021) Real-time network intrusion prevention system based on hybrid machine learning. IEEE Access 9:46386–46397. https://doi.org/10.1109/ACCESS.2021.3066620

    Article  Google Scholar 

  • Shone N, Ngoc T, Phai V, Shi Q (2018) A deep learning approach to network intrusion detection. IEEE Trans Emerg Top Comput Intell 2(1):41–50

    Article  Google Scholar 

  • Vinayakumar R, Alazab M, Soman KP, Poornachandran P, Al-Nemrat A, Venkatraman S (2019) Deep learning approach for intelligent intrusion detection system. IEEE Access 7:41525–41550

    Article  Google Scholar 

  • Wu P, Guo H (2019) LuNet: a deep neural network for network intrusion detection. In: 2019 IEEE symposium series on computational intelligence (SSCI), **amen, China. pp 617–624. https://doi.org/10.1109/SSCI44817.2019.9003126

  • **ao Y, **ng C, Zhang T, Zhao Z (2019) An intrusion detection model based on feature reduction and convolutional neural networks. IEEE Access 7:42210–42219. https://doi.org/10.1109/ACCESS.2019.2904620

    Article  Google Scholar 

  • Zhang X, Ran J, Mi J (2019) An intrusion detection system based on convolutional neural network for imbalanced network traffic. In: 2019 IEEE 7th international conference on computer science and network technology (ICCSNT), Dalian, China. pp 456–460. https://doi.org/10.1109/ICCSNT47585.2019.8962490

  • Zhou H, Hu Y, Yang X, Pan H, Guo W, Zou CC (2020) A worm detection system based on deep learning. IEEE Access 8:205444–205454. https://doi.org/10.1109/ACCESS.2020.3023434

    Article  Google Scholar 

Download references

Funding

None.

Author information

Authors and Affiliations

  1. Amity University Maharashtra, Mumbai, Maharashtra, India

    Asma Shaikh & Preeti Gupta

  2. Marathwada Mitra Mandal College of Engineering, Pune, India

    Asma Shaikh

Authors
  1. Asma Shaikh
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Preeti Gupta
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Asma Shaikh.

Ethics declarations

Conflict of interest

The authors state that there are no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Shaikh, A., Gupta, P. Real-time intrusion detection based on residual learning through ResNet algorithm. Int J Syst Assur Eng Manag (2022). https://doi.org/10.1007/s13198-021-01558-1

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s13198-021-01558-1

Keywords

Search

Navigation