Improve IDS Detection Efficiency based on Sequence-to-Sequence Model

碩士 === 國立成功大學 === 電腦與通信工程研究所 === 107 === To prevent users from malware intrusion, many kinds of defense system are used, especially Intrusion Detection System (IDS), an important role in cybersecurity area. Most of network managements use network-based IDS(NIDS) to alert network attacks. However, NI...

Full description

Bibliographic Details
Main Authors: Cheng-HsuangLo, 羅政翔
Other Authors: Jung-Shian Li
Format: Others
Language:zh-TW
Published: 2019
Online Access:http://ndltd.ncl.edu.tw/handle/sw76qz
Description
Summary:碩士 === 國立成功大學 === 電腦與通信工程研究所 === 107 === To prevent users from malware intrusion, many kinds of defense system are used, especially Intrusion Detection System (IDS), an important role in cybersecurity area. Most of network managements use network-based IDS(NIDS) to alert network attacks. However, NIDS suffers variety and quick-changing malwares and NIDS cannot identify the attacks fast and correctly. Many machine learning algorithms are used in NIDS to improve the detection rate of malware, but to our knowledge, the efficiency is not fast and correct enough. We can improve the IDS detection efficiency by two methods: Novel dataset and suited algorithms. We proposed a new method based on deep learning technology and shown good performance for intrusion detection. We use random forest (RF) to rank and choose features in CICIDS2017 datasets, and embed the high dimension features to low dimension, then input these data to the deep neural network model called Sequence to Sequence. By the intrusion detection experiment, we finally get 99.93% on accuracy and 0.3% on false alert rate.