The International Arab Journal of Information Technology (IAJIT)


Intrusion Detection Model Using Naive Bayes and Deep Learning Technique

The increase of security threats and hacking the computer networks are one of the most dangerous issues should treat in these days. Intrusion Detection Systems (IDSs), are the most appropriate methods to prevent and detect the attacks of networks and computer systems. This study presents several techniques to discover network anomalies using data mining tasks, Machine learning technology and dependence of artificial intelligence techniques. In this research, the smart hybrid model was developed to explore any penetrations inside the network. The model divides into two basic stages. The first stage includes the Genetic Algorithm (GA) in selecting the characteristics with depends on a process of extracting, Discretize And dimensionality reduction through Proportional K-Interval Discretization (PKID) and Fisher Linear Discriminant Analysis (FLDA) on respectively. At the end of the first stage combining Naïve Bayes classifier (NB) and Decision Table (DT) using NSL-KDD data set divided into two separate groups for training and testing. The second stage completely depends on the first stage outputs (predicted class) and reclassified with multilayer perceptrons using Deep Learning4J (DL) and the use of algorithm Stochastic Gradient Descent (SGD). In order to improve the performance in terms of the accuracy in classification of penetrations, raising the average of discovering and reducing the false alarms. The comparison of the proposed model and conventional models show the superiority of the proposed model and the previous conventional hybrid models. The result of the proposed model is 99.9325 of classification accuracy, the rate of detection is 99.9738 and 0.00093 of false alarms.

[1] Aljawarneh S., Aldwairi M., and Yassein M., “Anomaly-Based Intrusion Detection System Through Feature Selection Analysis and Building Hybrid Efficient Model,” Journal of Intrusion Detection Model Using Naive Bayes and Deep Learning Technique 223 Computational Science, vol. 25, pp. 152-160, 2018.

[2] Alom M., Bontupalli V., and Taha T., “Intrusion Detection Using Deep Belief Networks,” in Proceedings of National Aerospace and Electronics Conference, Dayton, pp. 339-344, 2015.

[3] Azad C. and Jha V., “Data Mining in Intrusion Detection: A Comparative Study of Methods, Types and Data Sets,” International Journal of Information Technology and Computer Science, pp. 75-90, 2013.

[4] Azad C. and Jha V., “Data Mining based Hybrid Intrusion Detection System,” Indian Journal of Science and Technology, vol. 7, no. 6, pp. 781- 789, 2014.

[5] Bhavsar Y. and Waghmare K., “Intrusion Detection System Using Data Mining Technique: Support Vector Machine,” International Journal of Emerging Technology and Advanced Engineering, vol. 3, no. 3, pp. 581-586, 2013.

[6] Canbay Y. and Sagiroglu S., “A Hybrid Method for Intrusion Detection,” in Proceedings of IEEE 14th International Conference on Machine Learning and Applications, Miami, pp. 156-161, 2015.

[7] Chae H., Jo B., Choi S., and Park T., “Feature Selection for Intrusion Detection using NSL- KDD,” Recent Advances in Computer Science, pp. 184-187, 2013.

[8] Dhanabal L. and Shantharajah S., “A Study on NSL-KDD Dataset for Intrusion Detection System Based on Classification Algorithms,” International Journal of Advanced Research in Computer and Communication Engineering, vol. 4, no. 6, pp. 446-452, 2015.

[9] Farid D., Zhang L., Rahman C., Hossain M., and Strachan R., “Hybrid Decision Tree And Naïve Bayes Classifiers For Multi-Class Classification Tasks,” Expert Systems with Applications, vol. 41, no. 4, pp. 1937-1946, 2014.

[10] Gao N., Gao L., Gao Q., and Wang H., “An Intrusion Detection Model Based on Deep Belief Networks,” in Proceedings of 2nd International Conference on Advanced Cloud and Big Data, Huangshan, pp. 247-252, 2014.

[11] Ghazali A., Nuaimy W., Al-Atabi A., and Jamaludin I., “Comparison of Classification Models For Nsl-Kdd Dataset for Network Anomaly Detection,” Academic Journal of Science, vol. 4, no. 1, pp. 199-206, 2015.

[12] Hadi A., “Performance Analysis of Big Data Intrusion Detection System over Random Forest Algorithm,” International Journal of Applied Engineering Research, vol. 13, no. 2, pp. 1520- 1527, 2018.

[13] Hettich S. and Bay S., KDD cup 99 task description, http://kdd. ics. uci. edu/databases/kddcup99/task. html , Last Visited, 1999.

[14] Nsl-kdd Data Set for Network-Based Intrusion Detection Systems, Available on: http://nsl. cs. unb. ca/KDD/NSLKDD.html, Last Visited, 2009.

[15] Liao H., Lin C., Lin Y., and Tung K., “Intrusion Detection System: A Comprehensive Review,” Journal of Network and Computer Applications, vol. 36, no. 1, pp. 16-24, 2013.

[16] Kaliappan J., Revathi T., and Karpagam S., “Intrusion Detection using Artificial Neural Networks with Best Set of Features,” The International Arab Journal of Information Technology, vol. 12, no. 6A, pp. 728-734, 2015.

[17] Kanagalakshmi R. and Naveenantony V., “Network Intrusion Detection Using Hidden Naive Bayes Multiclass Classifier Model,” International Journal of Science, Technology and Management, vol. 3, no. 12, pp. 76-84, 2014.

[18] Kim J., Kim J., Thu H., and Kim H., “Long Short Term Memory Recurrent Neural Network Classifier for Intrusion Detection,” in Proceedings of International Conference on Platform Technology and Service, Jeju, pp. 1-5, 2016.

[19] Liao H., Lin C., Lin Y., and Tung K., “Intrusion Detection System: A Comprehensive Review,” Journal of Network and Computer Applications, vol. 36, no. 1, pp. 16-24, 2013.

[20] Modi U. and Jain A., “A Survey of IDS Classification Using KDD CUP 99 Dataset in WEKA,” International Journal of Scientific and Engineering Research, vol. 6, no. 11, pp. 947- 954, 2015.

[21] Mukherjeea S. and Sharmaa N., “Intrusion Detection using Naive Bayes Classifier with Feature Reduction,” Procedia Technology, vol. 4, pp. 119-128, 2012.

[22] Niyaz Q., Sun W., Javaid A., and Alam M., “A Deep Learning Approach for Network Intrusion Detection System,” in Proceedings of the 9th International Conference on Bio-inspired Information and Communications Technologies, pp. 21-26, 2016.

[23] Niyaz Q., Sun W., and Javaid A., “A Deep Learning Based DDoS Detection in System Software-Defined Networking,” EAI Endorsed Transactions, vol. 4, no. 12, pp. 1-12, 2016.

[24] Noureldien N. and Yousif I., “Accuracy of Machine Learning Algorithms in Detecting Dos Attacks Types,” Science and Technology, vol. 6, no. 4, pp. 89-92, 2016.

[25] Putchala M., “Deep Learning Approach for Intrusion Detection System (IDS) in the Internet of Things (IoT) Network using Gated Recurrent Neural Networks (GRU),” PhD Dissertation, Wright State University, 2017. 224 The International Arab Journal of Information Technology, Vol. 17, No. 2, March 2020

[26] Rathore M., Ahmad A., and Paul A., “Real Time Intrusion Detection System for Ultra-High-Speed Big Data Environments,” The Journal of Supercomputing, vol. 72, no. 9, pp. 3489-3510, 2016.

[27] Sujendran R. and Arunachalam M., “Design and Development of Suginer Filter for Intrusion Detection Using Real Time Network Data,” The International Arab Journal of Information Technology, vol. 15, no. 4, pp. 633-638, 2015.

[28] Tahir H., Said A., Osman N., Zakaria N., Sabri P., and Katuk N., “Oving K-Means Clustering Using Discretization Technique in Network Intrusion Detection System,” in Proceedings of 3rd International Conference on Computer and Information Sciences, Kuala Lumpur, pp. 248- 252, 2016.

[29] Tang T., Mhamdi L., McLernon D., Zaidi S., and Ghogho M., “Deep Learning Approach for Network Intrusion Detection in Software Defined Networking,” in Proceedings of International Conference on Wireless Networks and Mobile Communications, Fez, pp. 258-263, 2016.

[30] Tavallaee M., Bagheri E., Lu W., and Ghorbani A., “A Detailed Analysis of The KDD CUP 99 Data Set,” in Proceedings of IEEE Symposium on Computational Intelligence for Security and Defense Applications, Ottawa, pp. 1-6, 2009.

[31] Wutyi K. and Thwin M., “Heuristic Rules for Attack Detection Charged by NSL KDD Dataset,” in Proceedings of Genetic and Evolutionary Computing, Yangon, vol. 1, pp. 137-153, 2015. Mohammed Tabash is a holds a BSc degree in Computer Science from Al-Quds Open University (2002), studying Master of Information Systems at the faculty of computers and informatics Suez Canal University (2014). His research interests: data mining, machine learning, network security and information systems. Mohamed Abd Allah is a lecturer at the Department of information systems and decision support Faculty of Computer Science & informatics Suez Canal University. He received his First degree in Computer Science and Operation Research, Faculty of Science, Master degree in Expert systems, Faculty of Science Cairo university. And his PhD degree in computer science, Faculty of Science, Zagazig University. His research interests: Machine learning, data mining, intelligent Bioinformatics, metaheuristic optimization, and predictive models. Bella Tawfik received his B.Sc. in Electrical engineering from Military Technical Collage, Cairo, Egypt in 1986. He received his M. Sc. in Computer Engineering from the Military Technical Collage, Cairo in 1991. He received his Ph.D. in Electrical Engineering from Colorado State University in August 1999. He got his Post Doctor in Computer Engineering from Colorado State University in October 2006. He is currently assistance professor in Faculty of Computers and Informatics, Suez Canal University, Ismailia, Egypt. His current research interests are Networks, Modeling, simulation, and Image Processing.