TY - GEN
T1 - ZT-NIDS
T2 - 20th International Conference on Security and Cryptography, SECRYPT 2023
AU - Alalmaie, Abeer Z.
AU - Nanda, Priyadarsi
AU - He, Xiangjian
N1 - Publisher Copyright: © 2023 by SCITEPRESS - Science and Technology Publications, Lda. Under CC license (CC BY-NC-ND 4.0).
PY - 2023
Y1 - 2023
N2 - Zero Trust security can tackle various cyberthreats. Current trends in security monitoring must shift to a “never trust, always verify” approach, as data security is threatened when cloud-based third parties access network traces. Network Intrusion Detection System (NIDS) can be exploited to detect anomalous behaviour. Convolution Neural Network (CNN), Bi-directional Long Short Term Memory (BiLSTM) based classifiers and Auto-Encoder (AE) feature extractors have presented promising results in NIDS. AE feature extractor can compress the important information and train the unsupervised model. CNNs detect local spatial relationships, while BiLSTMs can exploit temporal interactions. Furthermore, Attention modules can capture content-based global interactions and can be applied on CNNs to attend to the significant contextual information. In this paper, we utilized the advantages of all AE, CNN and BiLSTM structures using a multi-head Self Attention mechanism to integrate CNN features for feeding into BiLSTM classifier. We use the bottleneck features of a pre-trained AE for an Attention-based CNN-BiLSTM classifier. Our experiments using 10, 6 and 2 categories NID system on UNSW-NB15 dataset showed that the proposed method outperforms state-of-the-art methods and achieved accuracy of 91.72%, 89.79% and 93.01%, respectively. Plus, we introduced a balanced data sampler for training 10 categories of NIDS.
KW - Attention
KW - CNN-BiLSTM
KW - Cybersecurity
KW - Network Intrusion Detection
KW - Network Security
KW - Zero Trust
UR - http://www.scopus.com/inward/record.url?scp=85178555039&partnerID=8YFLogxK
U2 - 10.5220/0012080000003555
DO - 10.5220/0012080000003555
M3 - Conference contribution
AN - SCOPUS:85178555039
SN - 9789897586668
T3 - Proceedings of the International Conference on Security and Cryptography
SP - 99
EP - 110
BT - SECRYPT 2023 - Proceedings of the 20th International Conference on Security and Cryptography
A2 - De Capitani di Vimercati, Sabrina
A2 - Samarati, Pierangela
PB - Science and Technology Publications, Lda
Y2 - 10 July 2023 through 12 July 2023
ER -