Lê Anh Quân*, Trần Minh Quang, Lý Phương Khải, Trần Trung Nguyễn Phan Thượng Cang

* Corresponding author (quanB2105684@student.ctu.edu.vn)

Abstract

This study analyzes the performance of deep learning models in network intrusion detection using the UNSW-NB15 dataset. The evaluated models include MLP, RNN, CNN, LSTM, BiLSTM, GRU, Autoencoder, and Transformer. Experimental results show that BiLSTM and GRU achieved the highest accuracy (98.78%) with relatively short training times (656.20 and 497.89 minutes). Meanwhile, the Transformer also achieved high accuracy (98.76%) but required the longest training time (1010.49 minutes). RNN and Autoencoder had the shortest training times but slightly lower accuracy (98.64% and 98.72%). BiLSTM and GRU emerged as optimal choices due to their balance between accuracy and training time, whereas Transformer is suitable for systems with abundant computational resources. This study highlights the potential of deep learning models in detecting modern network intrusions and their applicability to practical cybersecurity systems.

Keywords: BiLSTM, deep learning, GRU, intrusion detection, Transformer, UNSW-NB15

Summary

In this study, the performance of deep learning models for network intrusion detection was analyzed on the UNSW-NB15 dataset. The models implemented include MLP, RNN, CNN, LSTM, BiLSTM, GRU, Autoencoder, and Transformer. The results show that BiLSTM and GRU achieved the highest accuracy (98.78%) with short training times (656.20 and 497.89 minutes), while the Transformer also achieved high accuracy (98.76%) but required the longest training time (1,010.49 minutes). RNN and Autoencoder had the shortest training times but lower accuracy. BiLSTM and GRU are the optimal choices thanks to their balance between accuracy and training time, while the Transformer suits systems without resource limits. The study emphasizes the potential of deep learning models for detecting modern network intrusions and their applicability to practical cybersecurity systems.

Keywords: BiLSTM, GRU, deep learning, UNSW-NB15, network intrusion detection, Transformer
