Application of deep learning to enhance the accuracy of intrusion detection in modern computer networks

Jafar Majidpour, Hiwa Hasanzadeh
2020 Bulletin of Electrical Engineering and Informatics  
Application of deep learning to enhance the accuracy of intrusion detection in modern computer networks was studied in this paper. The identification of attacks in computer networks is divided into two categories, intrusion detection and anomaly detection, in terms of the information used in the learning phase. Intrusion detection uses both routine traffic and attack traffic. Anomaly detection methods attempt to model the normal behavior of the system, and any incident that violates this model is considered to be suspicious behavior. For example, if the web server, which is usually passive, tries to There are many addresses that are likely to be infected with the worm. The anomaly detection methods are Statistical models, Secure system approach, Review protocol, Check files, Create White list, Neural Networks, Genetic Algorithm, Vector Machines, decision tree. Our results have demonstrated that our approach offers high levels of accuracy, precision and recall together with reduced training time. In our future work, the first avenue of exploration for improvement will be to assess and extend the capability of our model to handle zero-day attacks.

processing. In fact, the deep learning vocabulary is the study of new methods for artificial neural networks [4-8]. In sum, deep learning is a subfield of machine learning that uses multiple layers of linear transformations to process sensory signals such as sound and image. The machine divides each complex concept into simpler concepts and, by continuing this process, arrives at basic concepts on which it is able to make decisions, and thus there is no need for complete human monitoring to specify the machine's information at any given moment. The subject matter of deep learning is important in providing information. Information should be provided to the machine in such a way that the machine receives the key information on which it can decide in the shortest possible time. When designing deep learning algorithms, we must pay attention to the transformation factors that explain the information observed. These factors are not usually invisible, but are factors that affect the visible quantities or are the product of human mental structures that simplify issues. For example, when processing speech, altering factors can be the speaker's dialect, age or gender. When processing a picture of a machine, the amount of glow in the sun is an altering factor.
One of the problems of artificial intelligence is the great effect of changing factors on received information. For example, many of the pixels received from a red car at night may be black. To solve these problems, we sometimes need to understand the information (about humans), and sometimes it's hard to find the right way to display information as much as it is [1-3, 9, 10].

The identification of attacks in computer networks is divided into two categories, intrusion detection and anomaly detection, in terms of the information used in the learning phase. Intrusion detection uses both routine traffic and attack traffic. To accomplish an intrusion, various methods are used to carry out a series of illegal actions that compromise the integrity of, or access to, a resource. Intrusions can be divided into internal and external categories. External intrusions are those carried out by authorized or unauthorized persons on the internal network from outside the network, and internal intrusions are carried out by authorized persons within the system and the internal network from within the network itself. Intruders generally use software deficiencies, password cracking, eavesdropping on network traffic, and weaknesses in the design of networks, services, or network computers to penetrate computer systems and networks. An intrusion detection system can be set up. There are tools, methods, and documentation that help identify and report unregistered activities on the network [5, 8, 10-14]. Intrusion detection is not a proper title for intrusion detection systems, because these systems really detect infiltration. They do not perceive the network activity as intrusion, which may not be essentially intrusive. In fact, detection of penetration is a small part of the system's protective system and is not considered an autonomous and independent system. Digital security tools can be considered equivalent to physical security tools.
For example, you can equate the firewall with locked doors, an intrusion detection system with an alarm system, and an intruder system with guard dogs. Assume that you have a repository of confidential documents that you want to protect with a fence around the premises, an alarm system, locked doors, guard dogs and a camera. Locked doors prevent unauthorized people from entering the repository, but do not alert you in the event of an attacker's intrusion. The alarm system warns you if the attacker intends to enter the repository, but does not prevent the penetration. Guard dogs are an example of a series of measures that can stop the intruder. As we have seen, the locked doors, the alarm system and the guard dogs play separate but complementary roles in protecting the repository of confidential documents. The same is true of the firewall, the intrusion detection system and the intrusion control system. These systems are different technologies that can work together. The location and layout of these tools can turn an unsecured network into a secure network. Intrusion detection systems have the task of identifying and detecting any unauthorized use of the system, exploitation or damage by both internal and external users. Intrusion detection systems are created as software and hardware systems, each with its own advantages and disadvantages. Speed and precision are among the benefits of hardware systems, and the failure of attackers to break their security is another feature of these systems. But the ease of use of software, software compatibility and the differences between operating systems give more generality to software systems, and generally these systems are the more appropriate choice [6-9, 13-18].

Automatic Image Annotation is a technique or a tool to retrieve content-based and semantic concepts images.
In this technique, the image content is attached to a set of predefined switches. Content-Based Image Retrieval (CBIR) allows the users to retrieve the images efficiently. The image features are automatically extractable using image processing techniques. standardized color and texture called MPEG-7. These features include Color Layout Descriptor (CLD) and Scalable Color Descriptor (SCD) for colors and Edge Histogram Descriptor (EHD) for image texture [18-21]. Recently it has become essential to search for and retrieve high-resolution images easily and efficiently due to the swift development of digital images. Many present annotation algorithms face a big challenge, which is the variance in representing the image, where the high level represents image semantics and the low level illustrates the features; this issue is known as the "semantic gap". This work has been used MPEG-7 standard to

CONCLUSION

Application of deep learning to enhance the accuracy of intrusion detection in modern computer networks was studied in this paper. Anomaly detection methods attempt to model the normal behavior of the system, and any incident that violates this model is considered to be suspicious behavior. For example, if the web server, which is usually passive, tries to there are many addresses that are likely to be infected with the worm. The anomaly detection methods are: Statistical models, Secure system approach, Review protocol, Check files, Create Whitelist, Neural Networks, Genetic Algorithm, Vector Machines, decision tree. Our results have demonstrated that our approach offers high levels of accuracy, precision and recall together with reduced training time. In our future work, the first avenue of exploration for improvement will be to assess and extend the capability of our model to handle zero-day attacks.
doi:10.11591/eei.v9i3.1724 fatcat:qyss2zyrijc6biebrp6dgy6lpy