SpringerLink
Log in

Temporal Features Learning Using Autoencoder for Anomaly Detection in Network Traffic

  • Conference paper
  • First Online:
Computational Intelligence Methods for Green Technology and Sustainable Development (GTSD 2020)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 1284))

  • 735 Accesses

Abstract

Anomaly detection in network traffic with the high-volume and rapidity is a challenging. Data arrives along with the time with latent distribution changes lead to a single stationary model that doesn’t match streaming data all the time. Therefore, it is necessary to maintain a dynamic system to adapt to changes in the network environment. In solving that problem, supervised learning methods have attracted extensive attention for their capability to detect attacks known as anomalies. However, they require a large amount of labeled training data to train an effective model, which is difficult and expensive to obtain. In this paper, we propose to use LSTM Auto-encoder to extract temporal features from different sequences of network packets that are unlabeled or partially labeled data. After obtaining good data representation, the feedforward neural networks are applied to perform the identification of network traffic anomalies. Our experimental results with the ISCX-IDS-2012 dataset show that our work obtains high performance in intrusion detection with accuracy approximately 99%.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free ship** worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. LeCun, Y., Bengio, Y., Hinton, G.: Deep learning. Nat. Int. J. Sci. 521, 436–444 (2015)

    Google Scholar 

  2. Klaus, G., Rupesh, K.S., Jan, K., et al.: LSTM - a search space odyssey. Trans. Neural Netw. Learn. Syst. 28(10), 2222–2232 (2017)

    Article  MathSciNet  Google Scholar 

  3. Cho, K., Van Merriënboer, B., Gulcehre, C., Bahdanau, D., Bougares, F., Schwenk, H., Bengio, Y.: Learning Phrase Representations using RNN Encoder-Decoder for Statistical Machine Translation, ar** a systematic approach to generate benchmark datasets for intrusion detection. Comput. Secur. 31(3), 357–374 (2012)

    Article  Google Scholar 

  4. Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection: a survey. ACM Comput. Surv. 41(3), 1–58 (2009)

    Article  Google Scholar 

  5. Davis, J.J., Clark, A.J.: Data preprocessing for anomaly based network intrusion detection: a review. Comput. Secur. 30(6–7), 353–375 (2011)

    Article  Google Scholar 

  6. Ahmadi, M., Ulyanov, D., Semenov, S., Trofimov, M., Giacinto, G.: Novel feature extraction, selection and fusion for effective malware family classification. In: 6th ACM Conference on Data and Application Security and Privacy (2016)

    Google Scholar 

  7. Bhattacharyya, D.K., Kalita, J.K.: Network Anomaly Detection-A Machine Learning Perspective. CRC Press, Taylor & Francis Group (2014)

    Google Scholar 

  8. Bengio, Y., Lamblin, P., Popovici, D., Larochelle, H.: Greedy layer-wise training of deep networks. In: Advances in Neural Information Processing Systems 19 (2006)

    Google Scholar 

  9. Zhou, G., Sohn, K., Lee, H.: Online incremental feature learning with denoising autoencoders. In: the 15th International Conference on Artificial Intelligence and Statistics (AISTATS) (2012)

    Google Scholar 

  10. Mirsky, Y., Doitshman, T., Elovici, Y., Shabtai, A.: Kitsune: an ensemble of autoencoders for online NID. In: Network and Distributed Systems Security Symposium (NDSS), San Diego, CA, USA (2018)

    Google Scholar 

  11. Niyaz, Q., Sun, W., Javaid, A., Alam, M.: A deep learning approach for NIDS. In: Bio-inspired Information and Communications Technologies, (BIONETICS), Brussels, Belgium (2014)

    Google Scholar 

  12. Yousefi-Azar, M., Varadharajan, V., Hamey, L., Tupakula, U.: Autoencoder-based feature learning for cyber security applications. In: International Joint Conference on Neural Networks (IJCNN), Anchorage, AK, USA (2017)

    Google Scholar 

  13. Farahnak, F., Heikkonen, J.: A deep auto-encoder based approach for IDS. In: International Conference on Advanced Communications Technology (ICACT), Korea (2018)

    Google Scholar 

  14. Srivastava, N., Mansimov, E., Salakhutdinov, R.: Unsupervised learning of video representations using LSTMs. In: 32nd International Conference on Machine, France (2015)

    Google Scholar 

  15. Zhang, Z., Ringeval, F., Han, J., Deng, J., Marchi, E., et al.: Facing realism in spontaneous emotion recognition from speech: feature enhancement by autoencoder with LSTM. In: 17th Annual Conference of the International Speech, INTERSPEECH, San Francisco, CA, US (2016)

    Google Scholar 

  16. Mehdiyeva, N., Lahanna, J., Emricha, A., Enkeb, D., Fettkea, P., Loosa, P.: Time series classification using deep learning for process planning: a case from the process industry. In: the Complex Adaptive Systems Conference with Theme: Engineering Cyber Physical Systems, Chicago, Illinois, USA (2017)

    Google Scholar 

  17. Abadi, M., et al.: TensorFlow: large-scale machine learning on heterogeneous distributed systems, March 2016. https://arxiv.org/abs/1603.04467

  18. Mirza, A.H., Cosan, S.: Computer network intrusion detection using sequential LSTM neural networks autoencoders. In: 26th Signal Processing and Communications Applications Conference (SIU), Izmir, Turkey (2018)

    Google Scholar 

  19. Tan, Z., Jam, A., He, X., Nanda, P., Liu, R., Hu, J.: Detection of dos attacks based on computer vision techniques. IEEE Trans. Comput. 64(9), 15 (2015)

    Article  Google Scholar 

  20. Kumar, G., Kumar, K.: Design of an evolutionary approach for intrusion, vol. 2013, p. 14. Hindawi Publishing Corporation (2013)

    Google Scholar 

  21. Yassin, W., Udzir, N., Muda, Z., Sulaiman, M.: Anomaly-based intrusion detection through Kmeans clustering and Naives Bayes classification. In: International Conference on Computing and Informatics (ICOCI), Malaysia (2013)

    Google Scholar 

  22. Li, C., Wang, J., Ye, X.: Using a recurrent neural network and restricted boltzmann machines for malicious traffic detection. NeuroQuantology 16(5), 823–831 (2018)

    Google Scholar 

  23. Wang, W., Sheng, Y., Wang, J.: HAST-IDS: learning hierarchical spatial-temporal features using DNNs to improve intrusion detection. IEEE Access 6, 1792–1806 (2018)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Computer Science and Engineering, Ho Chi Minh City University of Technology, VNUHCM, Ho Chi Minh City, Viet Nam

    Nguyen Thanh Van, Le Thanh Sach & Tran Ngoc Thinh

  2. Ho Chi Minh City University of Technology and Education, Ho Chi Minh City, Viet Nam

    Nguyen Thanh Van

Authors
  1. Nguyen Thanh Van
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Le Thanh Sach
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tran Ngoc Thinh
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nguyen Thanh Van .

Editor information

Editors and Affiliations

  1. Department of Electrical Engineering, National Taipei University of Technology, Taipei, Taiwan

    Yo-** Huang

  2. Department of Electrical Engineering, National Central University, Jhongli City, Taoyuan Hsien, Taiwan

    Wen-June Wang

  3. University of Technology and Education, Ho Chi Minh City, Vietnam

    Hoang An Quoc

  4. University of Technology and Education, Ho Chi Minh City, Vietnam

    Le Hieu Giang

  5. University of Da Nang, Danang City, Vietnam

    Nguyen-Le Hung

Rights and permissions

Reprints and permissions

Copyright information

© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Van, N.T., Sach, L.T., Thinh, T.N. (2021). Temporal Features Learning Using Autoencoder for Anomaly Detection in Network Traffic. In: Huang, YP., Wang, WJ., Quoc, H.A., Giang, L.H., Hung, NL. (eds) Computational Intelligence Methods for Green Technology and Sustainable Development. GTSD 2020. Advances in Intelligent Systems and Computing, vol 1284. Springer, Cham. https://doi.org/10.1007/978-3-030-62324-1_2

Download citation

Publish with us

Policies and ethics

Search

Navigation