All Issue

2021 Vol.9, Issue 3 Preview Page

Research Article

Analysis of Improved CNN for Wireless Network Intrusion Detection

무선 네트워크 침입탐지를 위해 개선된 CNN 분석

Seungkyun Park1

박승균1

1Professor, School of IT Convergence Engineering, Shinhan University
1신한대학교 IT 융합공학부 교수
30 September 2021. pp. 147-154
PDF Citation
Abstract
최근 5G기술과 함께 공중 및 사설 WiFi 서비스 영역이 크게 확대되면서 사용자 트래픽의 종류와 크기도 폭발적으로 증가하고 있다. 이와 함께 무선 네트워크의 보안 취약성을 이용한 인가되지 않은 악의적인 사용자의 침입/공격 트래픽도 크게 증가하고 있다. 침입/공격 특성 또한 다양화되고 있어 기존 무선 네트워크 침입 탐지 시스템은 오탐률이 높고 탐지 효율성이 낮으며 침입 및 공격 트래픽에 대한 일반화 능력이 약하다. 본 논문에서는 과대적합 문제를 피하면서 일반화 능력을 개선하기 위한 방안으로 CNN의 커널 크기를 축소하고 콘볼루션 계층을 이중화하여 병렬 연산을 하는 구조를 제안한다. 테스트 데이터 세트로NSL-KDD CUP 데이터 세트를 사용하여, 실험 및 분석 결과 제안한 CNN은 침입/공격을 탐지하기 위한 샘플 테스트 수행에서 정확도와 참양성률(true positive rate)은 96.38%, 96.75%이며 이것은 기존 DBN과 RNN보다 2%이상 향상된 결과이다. 또한 위양성율(false positive rate)은 0.88%와 0.91% 보다 낮은 0.64%을 보여주었다.
Recently, along with 5G technology public and private WiFi service areas have been greatly expanded. Also, the types and sizes of user traffic are increasing explosively. At the same time, the frequency of intrusion/attack by unauthorized malicious users using security vulnerabilities of wireless networks is also increasing significantly. Intrusion/attack characteristics are also diversifying, so the existing wireless network intrusion detection system has a high false positive rate, low detection efficiency, and weak generalization ability for intrusion and attack traffic. In this paper, as a method to improve generalization ability while avoiding the overfitting problem, we propose a structure that reduces the size of the CNN kernel and duplicates the convolutional layer for parallel operation. The NSL-KDD CUP data set was used as the test data set. As a result of experiments and analysis, the proposed CNN show 96.38% and 96.75% accuracy and true positive rates in performing sample tests to detect intrusion/attack.This showed an improvement of more than 2% compared to the existing DBN and RNN. Also, the false positive rate was 0.64%, lower than 0.88% and 0.91%.
Keywords
Wireless network
Intrusion detection
Convolution neural network
Detection accuracy
True positive rate
False positive rate
References
  1. S. Zou, F. Zhong, B. Han, and H. Sun, "Network Intrusion Detection Method Based on Deep Learning", Journal of Physics Conference Series, 1966(1):012051, 2021.https://doi.org/10.1088/1742-6596/1966/1/012051
  2. Y. He, and W. Li, "Image-based Encrypted Traffic Classification with Convolution Neural Networks[C]", 2020 IEEE Fifth International Conference on Data Science in Cyberspace (DSC), IEEE, 2020.https://doi.org/10.1109/DSC50466.2020.00048
  3. L. Yang, J. Li, L. Yin, Z. Sun, Y. Zhao, and Z. Li, "Real-Time Intrusion Detection in Wireless Network: A Deep Learning-Based Intelligent Mechanism", IEEE Access, Vol. 8, pp. 170128-170139, 2020.https://doi.org/10.1109/ACCESS.2020.3019973
  4. H. Yang, and F. Wang, "Wireless Network Intrusion Detection Based on Improved Convolutional Neural Network", IEEE Access, Vol. 7, pp(99): 1-1, 2019.https://doi.org/10.1109/ACCESS.2019.2917299
  5. 김동훈, 김정재, 손인수, "KDD CUP 99를 이용한 기계학습 기반 네트워크 침입 탐지 기법 연구", 한국통신학회 학술대회논문집, pp.861-862, 2019.
  6. 정기문, "딥러닝 기반 네트워크 침입탐지를 위한 데이터 전처리 방안 연구", 한국 컴퓨터정보학회 하계학술대회 논문집, 제26권 제2호, 2018.
  7. 김동훈, 손인수, "네트워크 침입탐지 기술 연구 동향", 전자공학회논문지, 제56권 제8호, pp.3-12, 2019.https://doi.org/10.5573/ieie.2019.56.8.3
  8. S. S. Roy, A. Mallik, R. Gulati, M. S. Obaidat, and P. V. Krishna, "A Deep Learning Based Artificial Neural Network Approach for Intrusion Detection", in Proceedings of the International Conference on Mathematics and Computing, Berlin, Germany, pp. 44-53, 2017.https://doi.org/10.1007/978-981-10-4642-1_5
  9. B. A. Tama, and K.-H. Rhee, "A Detailed Analysis of Classifier Ensembles for Intrusion Detection in Wireless Network", JIPS (Journal of Information Processing Systems), Vol. 13, No. 5, pp. 1203-1212, 2017.https://doi.org/10.3745/JIPS.03.0080
  10. I. Al-Shourbaji, and S. Al-Janabi, "Intrusion Detection and Prevention Systems in Wireless Networks", Kurdistan Journal of Applied Research, Vol. 2, No. 3, 2017.https://doi.org/10.24017/science.2017.3.48
  11. A. Y. Javaid, and W. Sun, "A Deep Learning Approach for Network Intrusion Detection System", 9th EAI International Conference on Bio-inspired Information and Communications Technologies At: New York, 2015.https://doi.org/10.4108/eai.3-12-2015.2262516
  12. D. W. F. L. Vilela, E. W. T. Ferreira, A. A. Shinoda, N. V. de Souza Araújo, R. de Oliveira, and V. E. Nascimento, "A Dataset for Evaluating Intrusion Detection Systems in IEEE 802.11 Wireless Networks", IEEE Colombian Communications Conference, 2014.https://doi.org/10.1109/ColComCon.2014.6860434PMid:24911673
  13. K. El-Khatib, "Impact of Feature Reduction on the Efficiency of Wireless Intrusion Detection Systems", Parallel and Distributed Systems", IEEE Transactions on, Vol. 21, No. 8, pp. 1143-1149, 2010.https://doi.org/10.1109/TPDS.2009.142
  14. 이형우, "무선 네트워크 침입탐지/차단 시스템(Wireless IPS) 기술", 한국통신학회지, 제22권 제8호, pp.114-128, 2005.
  15. https://web.archive.org/web/20150205070216/http://nsl.cs.unb.ca/NSL-KDD
Information
  • Publisher :The Society of Convergence Knowledge
  • Publisher(Ko) :융복합지식학회
  • Journal Title :The Society of Convergence Knowledge Transactions
  • Journal Title(Ko) :융복합지식학회논문지
  • Volume : 9
  • No :3
  • Pages :147-154
  • DOI :https://doi.org/10.22716/sckt.2021.9.3.037
Journal Informaiton The Society of Convergence Knowledge Transactions The Society of Convergence Knowledge Transactions
Online Submission
  • NRF
  • KISTI Current Status
  • KISTI Cited-by
  • crosscheck
  • orcid
  • open access
  • ccl
Journal Informaiton Journal Informaiton - close