Detection and classification of network attacks using the deep neural network cascade

Article Sidebar

PDF
Published:
2021-10-15
DOI: https://doi.org/10.15276/hait.03.2021.4
Keywords:
deep learning, NIDS, CNN, LSTM, deep neural networks, hybrid neural networks
PDF

How to cite

How to Cite

(1)
Shpinareva I. M.; Yakushina A. A.; Voloshchuk L. A.; Rudnichenko N. D. " Detection and Classification of Network Attacks Using the Deep Neural Network Cascade" Publ. Nauka i Tekhnika. Odesa: Ukraine. Herald of Advanced Information Technology 4 (3), 244-254. https://doi.org/10.15276/hait.03.2021.4.

Main Article Content

Irina M. Shpinareva
Odessa I. I. Mechnikov National University. 2, St. Dvoryanskaya. Odessa, 65026, Ukraine
https://orcid.org/0000-0001-9208-4923
Anastasia A. Yakushina
Odessa I. I. Mechnikov National University. 2, St. Dvoryanskaya, Odessa, 65026, Ukraine
https://orcid.org/0000-0001-9510-159X
Lyudmila A. Voloshchuk
Odessa I. I. Mechnikov National University. 2, St. Dvoryanskaya. Odessa, 65026, Ukraine
https://orcid.org/0000-0002-2510-0038
Nikolay D. Rudnichenko
Odessa National Polytechnic University. 1, Shevchenko Ave. Odessa, 65044, Ukraine
https://orcid.org/0000-0002-7343-8076

Abstract

This article shows the relevance of developing a cascade of deep neural networks for detecting and classifying network attacks based on an analysis of the practical use of network intrusion detection systems to protect local computer networks. A cascade of deep neural networks consists of two elements. The first network is a hybrid deep neural network that contains convolutional neural network layers and long short-term memory layers to detect attacks. The second network is a CNN convolutional neural network for classifying the most popular classes of network attacks such as Fuzzers, Analysis, Backdoors, DoS, Exploits, Generic, Reconnaissance, Shellcode, and Worms. At the stage of tuning and training the cascade of deep neural networks, the selection of hyperparameters was carried out, which made it possible to improve the quality of the model. Among the available public datasets, one of the current UNSW-NB15 datasets was selected, taking into account modern traffic. For the data set under consideration, a data preprocessing technology has been developed. The cascade of deep neural networks was trained, tested, and validated on the UNSW-NB15 dataset. The cascade of deep neural networks was tested on real network traffic, which showed its ability to detect and classify attacks in a computer network. The use of a cascade of deep neural networks, consisting of a hybrid neural network CNN + LSTM and a neural network CNN has improved the accuracy of detecting and classifying attacks in computer networks and reduced the frequency of false alarms in detecting network attacks

Downloads

Download data is not yet available.

Article Details

Issue

Vol. 4 No. 3 (2021): Herald of Advanced Information Technology

Topics

Section

Information technologies and computer systems

Authors

Author Biographies

Irina M. Shpinareva, Odessa I. I. Mechnikov National University. 2, St. Dvoryanskaya. Odessa, 65026, Ukraine

PhD in Physico-mathematical sciences, Associate Professor of the Department of Mathematical Support of Computer Systems

Scopus ID: 8532376700

Anastasia A. Yakushina, Odessa I. I. Mechnikov National University. 2, St. Dvoryanskaya, Odessa, 65026, Ukraine

Master of the Department of Mathematical Support of Computer Systems.

Lyudmila A. Voloshchuk, Odessa I. I. Mechnikov National University. 2, St. Dvoryanskaya. Odessa, 65026, Ukraine

PhD (Eng), Associate Professor of the Department of Mathematical Support of Computer Systems

Nikolay D. Rudnichenko, Odessa National Polytechnic University. 1, Shevchenko Ave. Odessa, 65044, Ukraine

PhD (Eng), Associate Professor of the Department of Information Technology

Scopus ID: 57191406873

Most read articles by the same author(s)

Similar Articles

You may also start an advanced similarity search for this article.