One-hot encoding and convolutional neural network based anomaly detection

LIANG Jie; CHEN Jiahao; ZHANG Xueqin; ZHOU Yue; LIN Jiajun

doi:10.16511/j.cnki.qhdxxb.2018.25.061

PDF(1102 KB)

Journal of Tsinghua University(Science and Technology) ›› 2019, Vol. 59 ›› Issue (7) : 523-529. DOI: 10.16511/j.cnki.qhdxxb.2018.25.061

COMPUTER SCIENCE AND TECHNOLOGY

One-hot encoding and convolutional neural network based anomaly detection

{{article.zuoZhe_EN}}

Author information +

History +

Abstract

Deep learning based network anomaly detection is a new research field with previous studies using preprocessed datasets based on data mining or other methods. This paper transforms and encodes the UNSW-NB15 dataset using one-hot encoding to a two-dimensional dataset. Then, GoogLeNet is used for deep learning network to extract the features and train the classifier. Tests show that this method can effectively process the original network packet with a classification accuracy over 99%, which is much higher than deep learning detection methods based on preprocessed data.

Key words

anomaly detection / convolutional neural network / one-hot encoding / UNSW-NB15 dataset

Cite this article

EndNote

Ris (Procite)

Bibtex

Download Citations

LIANG Jie, CHEN Jiahao, ZHANG Xueqin, ZHOU Yue, LIN Jiajun. One-hot encoding and convolutional neural network based anomaly detection[J]. Journal of Tsinghua University(Science and Technology). 2019, 59(7): 523-529 https://doi.org/10.16511/j.cnki.qhdxxb.2018.25.061

References

[1] FIORE U, PALMIERI F, CASTIGLIONE A, et al. Network anomaly detection with the restricted Boltzmann machine[J]. Neurocomputing, 2013, 122:13-23.
[2] YADAV S, SUBRAMANIAN S. Detection of application layer DDoS attack by feature learning using stacked AutoEncoder[C]//Proceedings of 2016 International Conference on Computational Techniques in Information and Communication Technologies. New Delhi, India:IEEE, 2016:361-366.
[3] YIN C L, ZHU Y F, FEI J L, et al. A deep learning approach for intrusion detection using recurrent neural networks[J]. IEEE Access, 2017, 5:21954-21961.
[4] YUAN X Y, LI C H, LI X L. DeepDefense:Identifying DDoS attack via deep learning[C]//Proceedings of 2017 IEEE International Conference on Smart Computing. Hong Kong, China:IEEE, 2017:1-8.
[5] LI Z P, QIN Z, HUANG K, et al. Intrusion detection using convolutional neural networks for representation learning[M]//LIU D, XIE S, LI Y, et al. Neural Information Processing. Cham:Springer, 2017:858-866.
[6] WANG W, SHENG Y Q, WANG J L, et al. HAST-IDS:Learning hierarchical spatial-temporal features using deep neural networks to improve intrusion detection[J]. IEEE Access, 2018, 6:1792-1806.
[7] MOUSTAFA N, SLAY J. UNSW-NB15:A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)[C]//Proceedings of 2015 Military Communications and Information Systems Conference. Canberra, ACT, Australia:IEEE, 2015:1-6.
[8] MOUSTAFA N, SLAY J. The evaluation of network anomaly detection systems:Statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set[J]. Information Systems Security, 2016, 25(1-3):18-31.
[9] BOUVRIE J. Notes on convolutional neural networks[Z]. Neural Networks, 2006.
[10] SZEGEDY C, LIU W, JIA Y Q, et al. Going deeper with convolutions[C]//Proceedings of 2015 IEEE Conference on Computer Vision and Pattern Recognition (CVPR). Boston, MA, USA:IEEE, 2015:1-9.
[11] LIN M, CHEN Q, YAN S C. Network in network[Z]. arXiv:1312.4400, 2013.