Abstract
Over the years, attacks from the Internet have grown more advanced and can bypass simple security measures like antivirus scanners and firewalls. With the rapid development of systems administration applications and software-based frameworks, the need to develop better security strategies for defending against digital attacks has become acute. Identifying, detecting, and preventing intrusions are critical for network security in today's connected world of computation. A potential way to enhance network protection is to include an alternative layer to defend the network framework through intrusion detection system (IDS). This paper defines a model for IDS based on a deep learning strategy. The model employs ResNet50, which is 50 layers deep, a convolutional neural network. ResNet offers advancement over the conventional machine learning methods that do not suffice to reduce the false alarm rate. The proposed IDS model aims to detect intrusions by categorizing all network packets into normal or malicious groups. During the experimental work, the proposed model is trained and validated using three datasets: the network security laboratory knowledge discovery in databases, the CICIDS2017 dataset from the Canadian Institute for Cyber Security Intrusion Detection System, and the UNSW Canberra, Australia (UNSW2015) dataset from the University of New South Wales (UNSW). The model's overall accuracy, recall, precision and F1 score have been measured and substantiated with the ROC curve. Later the performance of the model is further confirmed by comparing it with seven other well-known machine learning classifiers that include Naïve Bayes, support vector machine, AdaBoost, k-nearest neighbour, random forest, decision tree and linear regression. Accuracy rate as high as 97.65% emphasizes that the proposed model has great potential in outperforming the existing methods.
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13198-021-01558-1/MediaObjects/13198_2021_1558_Fig1_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13198-021-01558-1/MediaObjects/13198_2021_1558_Fig2_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13198-021-01558-1/MediaObjects/13198_2021_1558_Fig3_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13198-021-01558-1/MediaObjects/13198_2021_1558_Fig4_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13198-021-01558-1/MediaObjects/13198_2021_1558_Fig5_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13198-021-01558-1/MediaObjects/13198_2021_1558_Fig6_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13198-021-01558-1/MediaObjects/13198_2021_1558_Fig7_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13198-021-01558-1/MediaObjects/13198_2021_1558_Fig8_HTML.png)
Similar content being viewed by others
References
Abraham A, Jain R, Thomas J, Han SY (2007) D-SCIDS: distributed soft computing intrusion detection system. J Netw Comput Appl 30(1):81–98 (ISSN 1084-8045)
Azizjon M, Jumabek A, Kim W (2020) 1D CNN based network intrusion detection with normalization on imbalanced data. In: 2020 International conference on artificial intelligence in information and communication (ICAIIC), Fukuoka, Japan. pp 218–224. https://doi.org/10.1109/ICAIIC48513.2020.9064976
Belgrana FZ, Benamrane N, Hamaida MA, Mohamed Chaabani A, Taleb-Ahmed A (2021) Network intrusion detection system using neural network and condensed nearest neighbors with selection of NSL-KDD influencing features. In: 2020 IEEE international conference on internet of things and intelligence system (IoTaIS), BALI, Indonesia. pp 23–29. https://doi.org/10.1109/IoTaIS50849.2021.9359689
Boukhamla A, Coronel J (2018) Cicids 2017 dataset: performance improvements and validation as a robust intrusion detection system testbed. Int J Inf Comput Secur (2018) 3. Cyber intelligence (CI) for cybersecurity: network traffic flow analyzer, March 2018. http://www.netflowmeter.ca/netflowmeter.html
Bouyeddou B, Kadri B, Harrou F, Sun Y (2020) DDOS-attacks detection using an efficient measurement-based statistical mechanism. Eng Sci Technol Int J 23(4):870–878 (ISSN 2215-0986)
Devan P, Khare N (2020) An efficient XGBoost–DNN-based classification model for network intrusion detection system. Neural Comput Appl 32:12499–12514. https://doi.org/10.1007/s00521-020-04708-x
Duo R, Nie X, Yang N, Yue C, Wang Y (2021) Anomaly detection and attack classification for train real-time ethernet. IEEE Access 9:22528–22541. https://doi.org/10.1109/ACCESS.2021.3055209
Haghighat MH, Li J (2021) Intrusion detection system using voting-based neural network. Tsinghua Sci Technol 26(4):484–495. https://doi.org/10.26599/TST.2020.9010022
Ho S, Jufout SA, Dajani K, Mozumdar M (2021) A novel intrusion detection model for detecting known and innovative cyberattacks using convolutional neural network. IEEE Open J Comput Soc 2:14–25. https://doi.org/10.1109/OJCS.2021.3050917
Hussain F, Abbas SG, Husnain M, Fayyaz UU, Shahzad F, Shah GA (2020) IoT DoS and DDoS attack detection using ResNet. In: 2020 IEEE 23rd international multitopic conference (INMIC), Bahawalpur, Pakistan. pp 1–6. https://doi.org/10.1109/INMIC50486.2020.9318216
Hwang K, Cai M, Chen Y, Qin M (2007) Hybrid intrusion detection with weighted signature generation over anomalous internet episodes. IEEE Trans Dependable Secure Comput 4(1):41–55
Jabez J, Muthukumar B (2015) Intrusion detection system (IDS): anomaly detection using outlier detection approach. Procedia Comput Sci 48:338–346 (ISSN 1877-0509)
Jiang K, Wang W, Wang A, Wu H (2020) Network intrusion detection combined hybrid sampling with deep hierarchical network. IEEE Access 8:32464–32476. https://doi.org/10.1109/ACCESS.2020.2973730
Li X et al (2021) Sustainable ensemble learning driving intrusion detection model. IEEE Trans Dependable and Secure Comput. https://doi.org/10.1109/TDSC.2021.3066202
Liao H-J, Lin C-HR, Lin Y-C, Tung K-Y (2018) Intrusion detection system: a comprehensive review. J Netw Comput Appl 36(1):16–24. ISSN 1084-8045. Cyber intelligence (CI) for cybersecurity: intrusion detection evaluation dataset (cicids2017), March 2018. https://www.unb.ca/cic/datasets/ids-2017.html
Lin W, Lin H, Wang P, Wu B, Tsai J (2018) Using convolutional neural networks to network intrusion detection for cyber threats. In: 2018 IEEE international conference on applied system invention (ICASI), Chiba. pp 1107–1110
Man J, Sun G (2021) A residual learning-based network intrusion detection system. Secur Commun Netw 2021:9. https://doi.org/10.1155/2021/5593435
Moustafa N, Slay J (2015) UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: Military communications and information systems conference (MilCIS). IEEE
Niyaz Q, Javaid AY, Sun W, Alam M (2015) A deep learning approach for NIDS. In: 9th EAI international conference on bio-inspired information and communications technologies, at New York
Park S, Kim M, Lee S (2018) Anomaly detection for HT%MCEPASTEBIN%TP using convolutional autoencoders. IEEE Access 6:70884–70901. https://doi.org/10.1109/ACCESS.2018.2881003
Seo W, Pak W (2021) Real-time network intrusion prevention system based on hybrid machine learning. IEEE Access 9:46386–46397. https://doi.org/10.1109/ACCESS.2021.3066620
Shone N, Ngoc T, Phai V, Shi Q (2018) A deep learning approach to network intrusion detection. IEEE Trans Emerg Top Comput Intell 2(1):41–50
Vinayakumar R, Alazab M, Soman KP, Poornachandran P, Al-Nemrat A, Venkatraman S (2019) Deep learning approach for intelligent intrusion detection system. IEEE Access 7:41525–41550
Wu P, Guo H (2019) LuNet: a deep neural network for network intrusion detection. In: 2019 IEEE symposium series on computational intelligence (SSCI), **amen, China. pp 617–624. https://doi.org/10.1109/SSCI44817.2019.9003126
**ao Y, **ng C, Zhang T, Zhao Z (2019) An intrusion detection model based on feature reduction and convolutional neural networks. IEEE Access 7:42210–42219. https://doi.org/10.1109/ACCESS.2019.2904620
Zhang X, Ran J, Mi J (2019) An intrusion detection system based on convolutional neural network for imbalanced network traffic. In: 2019 IEEE 7th international conference on computer science and network technology (ICCSNT), Dalian, China. pp 456–460. https://doi.org/10.1109/ICCSNT47585.2019.8962490
Zhou H, Hu Y, Yang X, Pan H, Guo W, Zou CC (2020) A worm detection system based on deep learning. IEEE Access 8:205444–205454. https://doi.org/10.1109/ACCESS.2020.3023434
Funding
None.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors state that there are no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Shaikh, A., Gupta, P. Real-time intrusion detection based on residual learning through ResNet algorithm. Int J Syst Assur Eng Manag (2022). https://doi.org/10.1007/s13198-021-01558-1
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s13198-021-01558-1