Network Intrusion Detection using Deep Learning -  Muhamad Erza Aminanto,  Kwangjo Kim,  Harry Chandra Tanuwidjaja

Network Intrusion Detection using Deep Learning (eBook)

A Feature Learning Approach
eBook Download: PDF
2018 | 1st ed. 2018
XVII, 79 pages
Springer Singapore (publisher)
978-981-13-1444-5 (ISBN)
64,19 incl. VAT

This book presents recent advances in intrusion detection systems (IDSs) using state-of-the-art deep learning methods. It also provides a systematic overview of classical machine learning and the latest developments in deep learning.  In particular, it discusses deep learning applications in IDSs in different classes: generative, discriminative, and adversarial networks. Moreover, it compares various deep learning-based IDSs based on benchmarking datasets. The book also proposes two novel feature learning models: deep feature extraction and selection (D-FES) and fully unsupervised IDS. Further challenges and research directions are presented at the end of the book.

Offering a comprehensive overview of deep learning-based IDS, the book is a valuable reference resource for undergraduate and graduate students, as well as researchers and practitioners interested in deep learning and intrusion detection. Further, the comparison of various deep-learning applications helps readers gain a basic understanding of machine learning, and inspires applications in IDS and other related areas in cybersecurity.



Kwangjo Kim is a Fellow of the International Association for Cryptologic Research (IACR). He received B.Sc. and M.Sc. degrees in Electronic Engineering from Yonsei University, Seoul, Korea, in 1980 and 1983, respectively, and a Ph.D. from the Division of Electrical and Computer Engineering, Yokohama National University, Japan, in 1991. He was a Visiting Professor at MIT and UC San Diego, USA, in 2005 and at the Khalifa University of Science, Technology and Research, Abu Dhabi, UAE, in 2012, and an Education Specialist at the Bandung Institute of Technology, Bandung, Indonesia, in 2013. He is currently a Full Professor at the School of Computing and Graduate School of Information Security, Korea Advanced Institute of Science and Technology, Daejeon, the Korean representative to IFIP TC-11 and the honorary President of the Korea Institute of Information Security and Cryptography (KIISC). His current research interests include the theory and practices of cryptology and information security. Prof. Kim served as a Board Member of the IACR from 2000 to 2004, Chairperson of the Asiacrypt Steering Committee from 2005 to 2008 and President of KIISC in 2009. He is also a member of IEICE, IEEE, ACM and KIISC.

Muhamad Erza Aminanto received B.S. and M.S. degrees in Electrical Engineering from Bandung Institute of Technology (ITB), Indonesia in 2013 and 2014, respectively. He is pursuing his Ph.D in the School of Computing at Korea Advanced Institute of Science and Technology (KAIST), South Korea. His current research interests include machine-learning, intrusion detection systems and big data analytics. His recent work entitled 'Deep Abstraction and Weighted Feature Selection for Wi-Fi Impersonation Detection' was published with Kwangjo Kim in IEEE Transactions of Information Forensics and Security (IF:4.332) in 2017.

Harry Chandra Tanuwidjaja received B.S. and M.S. degrees in Electrical Engineering from the Bandung Institute of Technology (ITB), Indonesia in 2013 and 2015, respectively. He is pursuing his Ph.D in the School of Computing at the Korea Advanced Institute of Science and Technology (KAIST), South Korea. His current research interests include malware detection, machine-learning, and intrusion detection systems.



Preface
Acknowledgments
Contents
Acronyms
1 Introduction
References
2 Intrusion Detection Systems
2.1 Definition
2.2 Classification
2.3 Benchmark
2.3.1 Performance Metric
2.3.2 Public Dataset
References
3 Classical Machine Learning and Its Applications to IDS
3.1 Classification of Machine Learning
3.1.1 Supervised Learning
3.1.1.1 Support Vector Machine
3.1.1.2 Decision Tree
3.1.2 Unsupervised Learning
3.1.2.1 K-Means Clustering
3.1.2.2 Ant Clustering
3.1.2.3 (Sparse) Auto-Encoder
3.1.3 Semi-supervised Learning
3.1.4 Weakly Supervised Learning
3.1.5 Reinforcement Learning
3.1.6 Adversarial Machine Learning
3.2 Machine-Learning-Based Intrusion Detection Systems
References
4 Deep Learning
4.1 Classification
4.2 Generative (Unsupervised Learning)
4.2.1 Stacked (Sparse) Auto-Encoder
4.2.2 Boltzmann Machine
4.2.3 Sum-Product Networks
4.2.4 Recurrent Neural Networks
4.3 Discriminative
4.4 Hybrid
4.4.1 Generative Adversarial Networks (GAN)
References
5 Deep Learning-Based IDSs
5.1 Generative
5.1.1 Deep Neural Network
5.1.2 Accelerated Deep Neural Network
5.1.3 Self-Taught Learning
5.1.4 Stacked Denoising Auto-Encoder
5.1.5 Long Short-Term Memory Recurrent Neural Network
5.2 Discriminative
5.2.1 Deep Neural Network in Software-Defined Networks
5.2.2 Recurrent Neural Network
5.2.3 Convolutional Neural Network
5.2.4 Long Short-Term Memory Recurrent Neural Network
5.2.4.1 LSTM-RNN Staudemeyer
5.2.4.2 LSTM-RNN for Collective Anomaly Detection
5.2.4.3 GRU in IoT
5.2.4.4 LSTM-RNN for DDoS
5.3 Hybrid
5.3.1 Adversarial Networks
5.4 Deep Reinforcement Learning
5.5 Comparison
References
6 Deep Feature Learning
6.1 Deep Feature Extraction and Selection
6.1.1 Methodology
6.1.2 Evaluation
6.1.2.1 Dataset Preprocessing
6.1.2.2 Experimental Result
6.2 Deep Learning for Clustering
6.2.1 Methodology
6.2.2 Evaluation
6.3 Comparison
References
7 Summary and Further Challenges
References
Appendix A A Survey on Malware Detection from Deep Learning
A.1 Automatic Analysis of Malware Behavior Using Machine Learning
A.2 Deep Learning for Classification of Malware System Call Sequences
A.3 Malware Detection with Deep Neural Network Using Process Behavior
A.4 Efficient Dynamic Malware Analysis Based on Network Behavior Using Deep Learning
A.5 Automatic Malware Classification and New Malware Detection Using Machine Learning
A.6 DeepSign: Deep Learning for Automatic Malware Signature Generation and Classification
A.7 Selecting Features to Classify Malware
A.8 Analysis of Machine-Learning Techniques Used in Behavior-Based Malware Detection
A.9 Malware Detection Using Machine-Learning-Based Analysis of Virtual Memory Access Patterns
A.10 Zero-Day Malware Detection
References

Publication date (per publisher) 25.9.2018
Series SpringerBriefs on Cyber Security Systems and Networks
Additional info XVII, 79 p. 30 illus., 11 illus. in color.
Place of publication Singapore
Language English
Subject areas Computer Science Databases Data Warehouse / Data Mining
Computer Science Networks Security / Firewall
Computer Science Theory / Studies Artificial Intelligence / Robotics
Engineering Electrical Engineering / Power Engineering
Engineering Communications Engineering
Keywords Anomaly Detection • Big Data • Deep learning classification • Deep learning for dummies • Detection of unknown attacks • Feature learning • intrusion detection system • Intrusion detection system using neural networks • machine learning • Security and Privacy • wireless networks
ISBN-10 981-13-1444-6 / 9811314446
ISBN-13 978-981-13-1444-5 / 9789811314445
PDF (watermark)
Size: 2,1 MB

DRM: Digital watermark
This eBook contains a digital watermark and is thereby personalized to you. If the eBook is improperly passed on to third parties, it can be traced back to the source.

File format: PDF (Portable Document Format)
With its fixed page layout, PDF is particularly suited to technical books with columns, tables and figures. A PDF can be displayed on almost all devices, but is only of limited suitability for small displays (smartphone, eReader).
