Optimizing Network Security using LSTM Algorithm for Traffic Classification on UNSWNB15 and KDDCUP99 Dataset
Keywords:
Machine Learning, Deep Learning, Long-Short Term Memory, bidirectional LSTM, UNSWNB15, KDDCUP99Abstract
Various systems depend on the capability to classify network traffic for tasks such as detecting intrusions, enforcing policies, and managing traffic. Machine Learning (ML) and especially Deep Learning (DL) based classifiers have shown exceptional accuracy in classifying network traffic, despite the fact that many applications encrypt their network data and others change their port numbers constantly. This paper proposes a classification approach using graph convolution and Long-Short Term Memory (LSTM) to handle coupled network data flows. In order to analyse the spatial topological and temporal properties of the LSTM, the traffic flow data has to be preprocessed. Ultimately, the approach is evaluated on a portion of the UNSWNB15 and KDDCUP99 datasets to quantify its effectiveness. The proposed methodology has shown its ability to effectively derive potential attributes from network traffic data via successful experimentation. The recommended strategy is shown to be effective and performs better than other methods such as feature selection, bidirectional LSTM (BiDLSTM), and CNN-LSTM in terms of classification performance.
Downloads
References
M. Sadeghzadeh, S. Shiravi and R. Jalili, "Adversarial Network Traffic: Towards Evaluating the Robustness of Deep-Learning-Based Network Traffic Classification," in IEEE Transactions on Network and Service Management, vol. 18, no. 2, pp. 1962-1976, June 2021, doi: 10.1109/TNSM.2021.3052888.
Z. Bu, B. Zhou, P. Cheng, K. Zhang and Z. -H. Ling, "Encrypted Network Traffic Classification Using Deep and Parallel Network-in-Network Models," in IEEE Access, vol. 8, pp. 132950-132959, 2020, doi: 10.1109/ACCESS.2020.3010637.
S. S. Sepasgozar and S. Pierre, "Network Traffic Prediction Model Considering Road Traffic Parameters Using Artificial Intelligence Methods in VANET," in IEEE Access, vol. 10, pp. 8227-8242, 2022, doi: 10.1109/ACCESS.2022.3144112.
Y. Wang, X. Yun, Y. Zhang, C. Zhao and X. Liu, "A Multi-Scale Feature Attention Approach to Network Traffic Classification and Its Model Explanation," in IEEE Transactions on Network and Service Management, vol. 19, no. 2, pp. 875-889, June 2022, doi: 10.1109/TNSM.2022.3149933.
S. Fathi-Kazerooni and R. Rojas-Cessa, "GAN Tunnel: Network Traffic Steganography by Using GANs to Counter Internet Traffic Classifiers," in IEEE Access, vol. 8, pp. 125345-125359, 2020, doi: 10.1109/ACCESS.2020.3007577.
S. Fathi-Kazerooni and R. Rojas-Cessa, "Countering Machine-Learning Classification of Applications by Equalising Network Traffic Statistics," in IEEE Transactions on Network Science and Engineering, vol. 8, no. 4, pp. 3392-3403, 1 Oct.-Dec. 2021, doi: 10.1109/TNSE.2021.3113656.
M. S. Sheikh and Y. Peng, "Procedures, Criteria, and Machine Learning Techniques for Network Traffic Classification: A Survey," in IEEE Access, vol. 10, pp. 61135-61158, 2022, doi: 10.1109/ACCESS.2022.3181135.
Galal and X. Hesselbach, "Machine Learning Models for Traffic Classification in Electromagnetic Nano-Networks," in IEEE Access, vol. 10, pp. 38089-38103, 2022, doi: 10.1109/ACCESS.2022.3165013.
K. -H. N. Bui, H. Oh and H. Yi, "Traffic Density Classification Using Sound Datasets: An Empirical Study on Traffic Flow at Asymmetric Roads," in IEEE Access, vol. 8, pp. 125671-125679, 2020, doi: 10.1109/ACCESS.2020.3007917.
Mareri, G. Owusu Boateng, R. Ou, G. Sun, Y. Pang and G. Liu, "MANTA: Multi-Lane Capsule Network Assisted Traffic Classification for 5G Network Slicing," in IEEE Wireless Communications Letters, vol. 11, no. 9, pp. 1905-1909, Sept. 2022, doi: 10.1109/LWC.2022.3186529.
Shamsimukhametov, A. Kurapov, M. Liubogoshchev and E. Khorov, "Is Encrypted ClientHello a Challenge for Traffic Classification?," in IEEE Access, vol. 10, pp. 77883-77897, 2022, doi: 10.1109/ACCESS.2022.3191431.
F. U. Islam, G. Liu, J. Zhai and W. Liu, "VoIP Traffic Detection in Tunneled and Anonymous Networks Using Deep Learning," in IEEE Access, vol. 9, pp. 59783-59799, 2021, doi: 10.1109/ACCESS.2021.3073967.
Q. Liu, M. Li, N. Cao, Z. Zhang and G. Yang, "Improved Harris Combined With Clustering Algorithm for Data Traffic Classification," in IEEE Access, vol. 10, pp. 72815-72824, 2022, doi: 10.1109/ACCESS.2022.3188866.
Y. Pan, X. Zhang, H. Jiang and C. Li, "A Network Traffic Classification Method Based on Graph Convolution and LSTM," in IEEE Access, vol. 9, pp. 158261-158272, 2021, doi: 10.1109/ACCESS.2021.3128181.
H. D. Trinh, Á. Fernández Gambín, L. Giupponi, M. Rossi and P. Dini, "Mobile Traffic Classification Through Physical Control Channel Fingerprinting: A Deep Learning Approach," in IEEE Transactions on Network and Service Management, vol. 18, no. 2, pp. 1946-1961, June 2021, doi: 10.1109/TNSM.2020.3028197.
Shahraki, M. Abbasi, A. Taherkordi and A. D. Jurcut, "Active Learning for Network Traffic Classification: A Technical Study," in IEEE Transactions on Cognitive Communications and Networking, vol. 8, no. 1, pp. 422-439, March 2022, doi: 10.1109/TCCN.2021.3119062.
M. Azizjon, A. Jumabek, and W. Kim, "1D CNN based network intrusion detection with normalization on imbalanced data," in Proc. Int. Conf. Artif. Intell. Inf. Commun. (ICAIIC), pp. 218–224, Feb. 2020.
Y. Imrana, Y. Xiang, L. Ali, and Z. Abdul-Rauf, "A bidirectional LSTM deep learning approach for intrusion detection," Expert Syst. Appl., vol. 185, Art. no. 115524, Dec. 2021.
P. Sun, P. Liu, Q. Li, C. Liu, X. Lu, R. Hao, and J. Chen, "DL-IDS: Extracting features using CNN-LSTM hybrid network for intrusion detection system," Secur. Commun. Netw., vol.12, pp. 1–11, Aug. 20, 2020
H. Alizadeh, H. Vranken, A. Zúquete and A. Miri, "Timely Classification and Verification of Network Traffic Using Gaussian Mixture Models," in IEEE Access, vol. 8, pp. 91287-91302, 2020, doi: 10.1109/ACCESS.2020.2992556.
Yao, Y. Yang, K. Yin and J. Yang, "Traffic Anomaly Detection in Wireless Sensor Networks Based on Principal Component Analysis and Deep Convolution Neural Network," in IEEE Access, vol. 10, pp. 103136-103149, 2022, doi: 10.1109/ACCESS.2022.3210189.
N. Khan, U. Chaudhuri, B. Banerjee, and S. Chaudhuri, "Graph convolutional network for multi-label VHR remote sensing scene recognition," Neurocomputing, vol. 357, pp. 36–46, May 2019.
J. Wu, S.-H. Zhong, and Y. Liu, "Dynamic graph convolutional network for multi-video summarisation," Pattern Recognit., vol. 107, Nov. 2020, Art. no. 107382
Wu, A. Souza, T. Zhang, C. Fifty, T. Yu, and K. Weinberger, "Simplifying graph convolutional networks," in Proc. 36th Int. Conf. Mach. Learn., vol. 97, Jun. 2019, pp. 6861–6871
Y. Imrana, Y. Xiang, L. Ali, and Z. Abdul-Rauf, "A bidirectional LSTM deep learning approach for intrusion detection," Expert Syst. Appl., vol. 185, Dec. 2021, Art. no. 115524.
X. Zhou, Y. Hu, W. Liang, J. Ma, and Q. Jin, "Variational LSTM enhanced anomaly detection for industrial big data," IEEE Trans. Ind. Informat., vol. 17, no. 5, pp. 3469–3477, May 2021.
https://www.kaggle.com/datasets/mrwellsdavid/unsw-nb15?resource=download
https://kdd.ics.uci.edu/databases/kddcup99/task.html
P. Singh and A. Tiwari, "A review intrusion detection system using KDD'99 dataset," Int. J. Eng. Res. Technol., vol. 3, no. 11, pp. 1103–1108, 2014
J. Liu, B. Kantarci, and C. Adams, "Machine learning-driven intrusion detection for Contiki-NG-based IoT networks exposed to NSL-KDD dataset," in Proc. ACM Workshop Wireless Secur. Mach. Learn., 2020, pp. 25–30.
A. Salih and I. Duhok, "Evaluation of classification algorithms for intrusion detection system: A review," J. Soft Comput. Data Mining, vol. 2, no. 1, pp. 31–40, Apr. 2021.
M. Azizjon, A. Jumabek, and W. Kim, "1D CNN based network intrusion detection with normalization on imbalanced data," in Proc. Int. Conf. Artif. Intell. Inf. Commun. (ICAIIC), Feb. 2020, pp. 218–224
Y. Imrana, Y. Xiang, L. Ali, and Z. Abdul-Rauf, "A bidirectional LSTM deep learning approach for intrusion detection," Expert Syst. Appl., vol. 185, Dec. 2021, Art. no. 115524.
P. Sun, P. Liu, Q. Li, C. Liu, X. Lu, R. Hao, and J. Chen, "DL-IDS: Extracting features using CNN-LSTM hybrid network for intrusion detection system," Secur. Commun. Netw., vol. 2020, pp. 1–11, Aug. 20
H. Alazzam, A. Sharieh, and K. E. Sabri, "A feature selection algorithm for intrusion detection system based on pigeon inspired optimizer," Expert Syst. Appl., vol. 148, Jun. 2020, Art. no. 113249.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.