Anomaly Intrusion Detection Method based on RNA Encoding and ResNet50 Model

Article Sidebar

PDF PDF Views 88 views
Published: Aug 28, 2024
DOI: https://doi.org/10.58496/MJCS/2024/011
Keywords:
Anomaly, Intrusion Detection, Encoding, Boyer–Moore Algorithm, Matching

Main Article Content

Mohammed Subhi
Department of Planning, Directorate of Private University Education, Ministry of Higher Education and Scientific Research, Baghdad, Iraq.
Omar Fitian Rashid
Department of Geology, College of Science, University of Baghdad, Baghdad, Iraq.
Safa Ahmed Abdulsahib
Department of Computer Science, College of Science, University of Baghdad, Baghdad, Iraq.
Mohammed Khaleel Hussein
Department of Planning, Directorate of Private University Education, Ministry of Higher Education and Scientific Research, Baghdad, Iraq.
Saleh Mahdi Mohammed
Department of Computer Technology Engineering, Technical College, Imam Ja'afar Al-Sadiq University, Baghdad, Iraq.

Abstract

Cybersecurity refers to the actions that are used by people and companies to protect themselves and their information from cyber threats. Different security methods have been proposed for detecting abnormal network behavior, but some effective attacks are still a major concern in the computer community. Many security gaps, such as denial of service, spam, phishing, and other types of attacks, are reported daily, and the number of attacks is growing. Intrusion detection is a security protection method that is used to detect and report any abnormal traffic automatically that may affect network security, such as internal attacks, external attacks, and maloperations. This paper proposes an anomaly intrusion detection system method based on a new RNA encoding method and the ResNet50 Model, where encoding is performed by splitting the training records into different groups. These groups are protocol, service, flag, and digit, and each group is represented by the number of RNA characters that can represent the group's values. The RNA encoding phase converts network traffic records into RNA sequences, allowing for a comprehensive representation of the dataset. The detection model, which uses the ResNet architecture, effectively addresses training challenges and achieves high detection rates for different attack types. The KDD-Cup99 dataset is used for both training and testing. The testing dataset includes new attacks that do not appear in the training dataset, which means that the system can detect new attacks in the future. The efficiency of the suggested anomaly intrusion detection system is determined by calculating the detection rate (DR), false alarm rate (FAR), and accuracy. The achieved DR, FAR, and accuracy are 96.24%, 6.133%, and 95.99%, respectively. The experimental results revealed that the RNA encoding method can improve intrusion detection.

Downloads

Download data is not yet available.

Article Details

How to Cite
Subhi, M., Rashid , O. F., Abdulsahib , S. A., Hussein , M. K., & Mohammed , S. M. (2024). Anomaly Intrusion Detection Method based on RNA Encoding and ResNet50 Model. Mesopotamian Journal of CyberSecurity, 4(2), 120–128. https://doi.org/10.58496/MJCS/2024/011
Issue
Vol. 4 No. 2 (2024)
Section
Articles
Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Crossref
Scopus
Google Scholar
Europe PMC

References

Z. Yang, X. Liu, T. Li, D. Wu, J. Wang, Y. Zhao, and H. Han, “A systematic literature review of methods and datasets for anomaly-based network intrusion detection,” Computers & Security, vol. 116. 2022.

S. Neupane, J. Ables, W. Anderson, S. Mittal, S. Rahimi, I. Banicescu, and M. Seale, “Explainable intrusion detection systems (X-IDS): A survey of current methods, challenges, and opportunities,” IEEE Access, vol. 10, pp. 112392-112415, 2022.

L. L. de Oliveira, G. H. Eisenkraemer, E. A. Carara, J. B. Martins, and J. Monteiro, “Mobile Localization Techniques for Wireless Sensor Networks: Survey and Recommendations,” ACM Trans. Sens. Netw., vol. 19, no. 2, pp. 36:1-36:39, Apr. 2023, doi: 10.1145/3561512.

S. Abaimov and G. Bianchi, “CODDLE: Code-Injection Detection with Deep Learning,” IEEE Access, vol. 7, pp. 128617–128627, 2019, doi: 10.1109/ACCESS.2019.2939870.

D. K. Ghurkan and A. A. Abdulrahman, “Construct an Efficient DDoS Attack Detection System Based on RF-C4.5-GridSearchCV,” in 2022 Iraqi International Conference on Communication and Information Technologies (IICCIT), Sep. 2022, pp. 120–124. doi: 10.1109/IICCIT55816.2022.10010645.

A. Tanwar, P. Sharma, A. Pandey, and S. Kumar, “Intrusion Detection System Based Ameliorated Technique of Pattern Matching,” Proceedings of the 4th International Conference on Information Management & Machine Intelligence, 2022. doi: 10.1145/3590837.3590947.

K. Zhang, F. Zhao, S. Luo, Y. Xin, and H. Zhu, “An Intrusion Action-Based IDS Alert Correlation Analysis and Prediction Framework,” IEEE Access, vol. 7, pp. 150540–150551, 2019, doi: 10.1109/ACCESS.2019.2946261.

J. Li, M. S. Othman, H. Chen, and L. M. Yusuf, “Optimizing IoT intrusion detection system: feature selection versus feature extraction in machine learning,” J. Big Data, vol. 11, no. 1, 2024, doi: 10.1186/s40537-024-00892-y.

V. Tanksale, “Intrusion detection system for controller area network,” Cybersecurity, vol. 7, no. 1, 2024, doi: 10.1186/s42400-023-00195-4.

K. He, X. Zhang, S. Ren, and J. Sun, "Deep Residual Learning for Image Recognition," Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR), pp. 770-778, 2016. DOI: 10.1109/CVPR.2016.90.

K. H. Abdulkareem, M. A. Subhi, M. A. Mohammed, M. Aljibawi, J. Nedoma, R. Martinek, M. Deveci, W. Shang, and W. Pedrycz, “A manifold intelligent decision system for fusion and benchmarking of deep waste-sorting models,” Engineering Applications of Artificial Intelligence, vol. 132, 2024, https://doi.org/10.1016/j.engappai.2024.107926.

R. Entezari-Maleki, M. Gharib, M. Khosravi, and A. Movaghar, “IDS modelling and evaluation in WANETs against black/grey-hole attacks using stochastic models,” Int. J. Ad Hoc Ubiquitous Comput., vol. 27, no. 3, pp. 171–186, 2018, doi: 10.1504/IJAHUC.2018.089822.

O. F. Rashid, Z. A. Othman, S. Zainudin and N. A. Samsudin, "DNA Encoding and STR Extraction for Anomaly Intrusion Detection Systems," in IEEE Access, vol. 9, pp. 31892-31907, 2021, doi: 10.1109/ACCESS.2021.3055431.

G. Loganathan, J. Samarabandu, and X. Wang, “Real-Time Intrusion Detection in Network Traffic Using Adaptive and Auto-Scaling Stream Processor,” presented at the Proceedings - IEEE Global Communications Conference, GLOBECOM, 2018. doi: 10.1109/GLOCOM.2018.8647489.

T. B. Alhijaj, S. M. Hameed, and B. A. Attea, “A Decision Tree-Aware Genetic Algorithm for Botnet Detection,” Iraqi J. Sci., pp. 2454–2462, Jul. 2021, doi: 10.24996/ijs.2021.62.7.34.

P. Freitas De Araujo-Filho, A. J. Pinheiro, G. Kaddoum, D. R. Campelo, and F. L. Soares, “An Efficient Intrusion Prevention System for CAN: Hindering Cyber-Attacks with a Low-Cost Platform,” IEEE Access, vol. 9, pp. 166855–166869, 2021, doi: 10.1109/ACCESS.2021.3136147.

M. Alazab, R. A. Khurma, A. Awajan, and D. Camacho, “A new intrusion detection system based on Moth–Flame Optimizer algorithm,” Expert Syst. Appl., vol. 210, 2022, doi: 10.1016/j.eswa.2022.118439.

O. F. Rashid, Z. A., Othman, and S. Zainudin, “Four Char DNA Encoding for Anomaly Intrusion Detection System”, Proceedings of the 2019 5th International Conference on Computer and Technology Applications, 2019. DOI: 10.1145/3323933.3324069.

G. Sugitha, B. C. Preethi, and G. Kavitha, “Intrusion detection framework using stacked auto encoder based deep neural network in IOT network,” Concurr. Comput. Pract. Exp., vol. 34, no. 28, 2022, doi: 10.1002/cpe.7401.

M. H. Behiry and M. Aly, “Cyberattack detection in wireless sensor networks using a hybrid feature reduction technique with AI and machine learning methods,” J. Big Data, vol. 11, no. 1, 2024, doi: 10.1186/s40537-023-00870-w.

Y. Yang, J. Cheng, Z. Liu, H. Li, and G. Xu, “A multi-classification detection model for imbalanced data in NIDS based on reconstruction and feature matching,” J. Cloud Comput., vol. 13, no. 1, 2024, doi: 10.1186/s13677-023-00584-7.

N. Fouad, and S. M. Hameed, “Genetic Algorithm based Clustering for Intrusion Detection”, Iraqi Journal of Science. Vol. 58, no. 2B, pp. 929-938, 2022, https://ijs.uobaghdad.edu.iq/index.php/eijs/article/view/6067.

A. A. Abdualrahman, and M. K. Ibrahem, “Intrusion Detection System Using Data Stream Classification”, Iraqi Journal of Science, vol. 62, no. 1, p.p. 319-328, 2021, DOI: 10.24996/ijs.2021.62.1.30.

J.Jasmine Hephzipah, Ranadheer Reddy Vallem, M.Sahaya Sheela, and G.Dhanalakshmi, “An efficient cyber security system based on flow-based anomaly detection using Artificial neural network”, Mesopotamian Journal of CyberSecurity, vol. 2023, pp. 48–56, Mar. 2023, DOI: https://doi.org/10.58496/MJCS/2023/009.

Muna Ismael Shihan Al-jumaili and Dr. Jad Bazzi, “Cyber-Attack Detection for Cloud-Based Intrusion Detection Systems ”, Mesopotamian Journal of CyberSecurity, vol. 2023, pp. 170–182, Nov. 2023, DOI: https://doi.org/10.58496/MJCS/2022/019.

R. Gomes, C. Kamrowski, J. Langlois, P. Rozario, I. Dircks, K. Grottodden, M. Martinez,W. Z. Tee, K. Sargeant, C. LaFleur, and M. Haley, “A Comprehensive Review of Machine Learning Used to Combat COVID-19,” Diagnostics, vol. 12, no. 8, pp. 1853, 2022,. https://doi.org/10.3390/diagnostics12081853.