Title: Combination of a DAE-CNN and OC-SVDD for intrusion detection

Authors: Hamza Frihia; Halima Bahi; Djamel Eddine Mahrougui

Addresses: LISCO Laboratory, Badji Mokhtar University, BP. 12, 23000 Annaba, Algeria; Ferhat Abbas Unversity, Campus El Bez. 19000, Sétif, Algeria ' LISCO Laboratory, Badji Mokhtar University, BP. 12, 23000 Annaba, Algeria ' Ferhat Abbas Unversity, Campus El Bez. 19000, Sétif, Algeria

Abstract: The extensive use of the internet has favoured the emergence of intrusion detection systems (IDSs). The detection of malicious events requires the learning of the patterns representing the attacks. Meanwhile, new threats appear regularly. Thus, it is crucial to develop IDSs that do not depend on malicious patterns. In this paper, we propose an IDS based on the deep auto-encoder (DAE) algorithm for feature extraction, and on the one-class support vector data description (OC-SVDD) method for intrusion detection. The DAE is trained exclusively on normal patterns and is expected to extract robust features representing the normal traffic. The OC-SVDD is trained based on these features, thus, during the test stage, malicious events are classified as outliers. We report experiments, on the well-known NSL-KDD dataset. The experimental results show an accuracy of about 97.73% and prove the potential of the proposed.

Keywords: computer security; intrusion detection system; IDSs; anomaly detection; one-class support vector data description; OC-SVDD; deep auto-encoder; DAE; convolutional neural network; CNNs; NSL-KDD dataset; one-class support vector machine; OC-SVM.

DOI: 10.1504/IJCSYSE.2021.121359

International Journal of Computational Systems Engineering, 2021 Vol.6 No.5, pp.239 - 245

Received: 01 Nov 2020
Accepted: 14 May 2021
Published online: 07 Mar 2022 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article