DERİN ÖĞRENME TABANLI AĞ SALDIRI TESPİTİ

Yıl 2024, Cilt: 12 Sayı: 3, 517 - 530, 26.09.2024

Güneş Harman , Emine Cengiz

https://doi.org/10.21923/jesd.1417622

Öz

Teknolojik yeniliklerin amansız ilerleyişinin doğrudan bir sonucu olarak, İnternet kullanımı modern insanın yaşamı için kaçınılmaz bir koşul haline gelmiştir. İnternet, bilgi ürünlerinin yararlı ya da yararsız olabileceği durumların hem miktarını hem de çeşitliliğini artırmıştır. Farklı sistemlerin ve kullanıcıların sayısı arttıkça, bu sistemleri istismar etmenin farklı yollarının sayısının da artması şaşırtıcı değildir. Bu çeşitlilik ve büyümeyle birlikte bir güvenlik sorunu ortaya çıkmıştır. Çeşitlilik ve miktar artışı yeni sistem zayıflıklarını ve dolayısıyla yeni saldırı stratejilerini beraberinde getirmektedir. Bu soruna çözüm olarak hem iç hem de dış saldırıları tespit etmek için yöntemler önerilmektedir. Bu araştırmanın amacı, NF-BoT-IoT veri setindeki dengesiz sınıf dağılımına yönelik saldırı olarak da bilinen izinsiz girişleri tespit etmek için bir Evrişimsel Sinir Ağı kullanılmış, Sentetik Azınlık Örnekleme Tekniği, Rastgele Aşırı Örnekleme ve Rastgele Alt Örnekleme yöntemleri kullanılmıştır. Sınıflandırma modellerinin performansını değerlendirmek ve geliştirilen modeli eğitmek için veri setini bölme stratejilerinden biri olan K-Fold Cross Validation kullanılmıştır. Modelin performansı doğruluk, kesinlik, duyarlılık ve F1-skor performans kriterleri kullanılarak değerlendirilmiştir.

Anahtar Kelimeler

Derin Öğrenme, Evrişimsel Sinir Ağları, Saldırı Tespiti, NF-BoT-IoT, Siber Güvenlik

DEEP LEARNING BASED NETWORK INTRUSION DETECTION

Öz

As a direct consequence of the unrelenting march of technological innovation, the use of the Internet has become an unavoidable condition for the life of modern humans. The Internet has increased both the quantity and range of situations in which information products can be useful or non-useful. It’s no surprise that as the number of different systems and users has grown, so have the number of different ways to exploit those systems. A security issue has arisen with such diversity and growth. Its diversity and increase in quantity introduce new system weaknesses and thus new attack strategies. Methods for detecting both internal and external attacks are suggested as a solution to this issue. The purpose of this research, a Convolutional Neural Network was utilized to identify intrusions, also known as attacks for the imbalanced class distribution in the NF-BoT-IoT data set, Synthetic Minority Over Sampling Technique, Random Over Sampling and Random Under Sampling methods were used. K-Fold Cross Validation, one of the strategies for splitting the data set, was utilized to evaluate the performance of classification models and to train the developed model. The model’s performance was evaluated using the accuracy, precision, recall, and F1-score performance criteria.

Anahtar Kelimeler

Deep Learning, Convolutional Neural Network, Intrusion Detection, NF-BoT-IoT, Cyber Security

Kaynakça

• Aldallal, A., 2022 Toward efficient intrusion detection system using hybrid deep learning approach. Symmetry, 14(9), 1916. https://doi.org/10.3390/ sym14091916
• Altunay, H.C., Albayrak, Z., 2021. Network intrusion detection approach based on con- volutional neural network. Avrupa Bilim ve Teknoloji Dergisi, (26), 22–29. https://doi.org/10.31590/ejosat.954966
• Baykan, N.A., Khorram, T., 2021. Network intrusion detection using optimized machine learning algorithms. Avrupa Bilim ve Teknoloji Dergisi, (25), 463–474. https://doi.org/10.31590/ejosat.849723
• Baykara, M., Resul, D., 2019. Saldırı tespit ve engelleme ara¸clarının incelenmesi. Dicle U¨ niversitesi Mu¨hendislik Faku¨ltesi Mu¨hendislik Dergisi, 10(1), 57–75. https://doi.org/10.24012/dumf.449059
• Bedi, P., Gupta, N., Jindal, V., 2021. I-siamids: an improved siam-ids for handling class imbalance in network-based intrusion detection systems. Applied Intelligence, 51, 1133–1151. https://doi.org/10.1007/s10489-020-01886-y
• Behera, S., Pradhan, A., Dash, R., 2018. Deep neural network architecture for anomaly based intrusion detection system. In: 2018 5th International Conference on Signal Processing and Integrated Networks (SPIN), pp. 270–274. https://doi.org/ 10.1109/SPIN.2018.8474162
• Butun, I., Morgera, S.D., Sankar, R., 2013. A survey of intrusion detection systems in wireless sensor networks. IEEE communications surveys & tutorials, 16(1), 266–282. https://doi.org/10.1109/SURV.2013.050113.00191
• Cengiz, E., Harman, G., 2022 Dengesiz ml-tabanlı nıds veri setlerinin sınıflandırma performanslarının kar¸sıla¸stırılması. Avrupa Bilim ve Teknoloji Dergisi, (41), 349–356. https://doi.org/10.31590/ejosat.1157441
• Çetiner, H., 2021. Classification of apple leaf diseases using the proposed convolution neural network approach. Mühendislik Bilimleri Ve Tasarım Dergisi, 9(4), 1130-1140. https://doi.org/10.21923/jesd.980629
• Gu¨lcu¨, A., Ku¸s, Z.,2019. A survey of hyper-parameter optimization methods in con- volutional neural networks. Gazi U¨ niversitesi Fen Bilimleri Dergisi, 7(2), 503–522. https://doi.org/10.29109/gujsc.514483
• Idrissi, I., Boukabous, M., Azizi, M., Moussaoui, O., El Fadili, H., 2021. Toward a deep learning-based intrusion detection system for iot against botnet attacks. IAES International Journal of Artificial Intelligence, 10(1), 110. https://doi.org/ 10.11591/ijai.v10.i1.pp110-120
• Ilyas, I.F., Chu, X., 2019. Data Cleaning. Morgan Claypool.
• Kim, J., Kim, J., Kim, H., Shim, M., Choi, E., 2020. Cnn-based network intrusion detection against denial-of-service attacks. Electronics, 9(6), 916. https://doi.org/10.3390/electronics9060916
• Kingma, D.P., Ba, J., 2014. Adam: A method for stochastic optimization. arXiv preprint arXiv:1412.6980 https://doi.org/10.48550/arXiv.1412.6980
• LeCun, Y., Bottou, L., Bengio, Y., Haffner, P., 1998. Gradient-based learning applied to document recognition. Proceedings of the IEEE, 86(11), 2278–2324.https://doi.org/10.1109/5.726791
• Mandal, D., Kösesoy, İ., 2023. Prediction of Software Security Vulnerabilities from Source Code Using Machine Learning Methods. In 2023 Innovations in Intelligent Systems and Applications Conference (ASYU), pp. 1-6, IEEE. https://doi.org/10.1109/ASYU58738.2023.10296747
• Mijalkovic, J., Spognardi, A., 2022. Reducing the false negative rate in deep learning based network intrusion detection systems. Algorithms, 15(8), 258. https: //doi.org/10.3390/a15080258
• Naveed, M., Arif, F., Usman, S.M., Anwar, A., Hadjouni, M., Elmannai, H., Hussain, S., Ullah, S.S., Umar, F., 2022. A deep learning-based framework for feature extraction and classification of intrusion detection in networks. Wireless Com- munications and Mobile Computing, 2022. https://doi.org/10.1155/2022/ 2215852
• Otoum, Y., Nayak, A.,2021. As-ids: Anomaly and signature based ids for the internet of things. Journal of Network and Systems Management, 29, 1–26.
• Priyadarshini, R., Barik, R.K., 2022. A deep learning based intelligent framework to mitigate ddos attack in fog environment. Journal of King Saud University- Computer and Information Sciences, 34(3), 825–831 (2022). https://doi.org/10. 1016/j.jksuci.2019.04.010
• S¨oderstr¨om, A., 2021. Anomaly-based Intrusion Detection Using Convolutional Neural Networks for IoT Devices.
• Sarhan, M., Layeghy, S., Moustafa, N., Portmann, M., 2020. Netflow datasets for machine learning-based network intrusion detection systems. In: Big Data Technologies and Applications: 10th EAI International Conference, BDTA 2020, and 13th EAI International Conference on Wireless Internet, WiCON 2020, Vir- tual Event, December 11, 2020, Proceedings 10, pp. 117–135. https://doi.org/10.1007/978-3-030-72802-1 9
• Sarkar, S., Chatterjee, S., Misra, S., 2015. Assessment of the suitability of fog computing in the context of internet of things. IEEE Transactions on Cloud Computing, 6(1), 46–5. https://doi.org/10.1109/TCC.2015.2485206
• Shone, N., Ngoc, T.N., Phai, V.D., Shi, Q., 2018. A deep learning approach to net- work intrusion detection. IEEE transactions on emerging topics in computational intelligence, 2(1), 41–50. https://doi.org/10.1109/TETCI.2017.2772792
• Sun, P., Liu, P., Li, Q., Liu, C., Lu, X., Hao, R., Chen, J., 2020. Dl-ids: Extracting features using cnn-lstm hybrid network for intrusion detection system. Security and communication networks, 2020, 1–11. https://doi.org/10.1155/2020/ 8890306
• Tsimenidis, S., Lagkas, T., Rantos, K., 2022. Deep learning in iot intrusion detection. Journal of network and systems management, 30, 1–40.
• Vishwakarma, M., Kesswani, N., 2022. Dids: A deep neural network based real-time intrusion detection system for iot. Decision Analytics Journal, 5, 100142. https://doi.org/10.1016/j.dajour.2022.100142
• Vishwakarma, M., Kesswani, N., 2022. Dids: A deep neural network based real-time intrusion detection system for iot. Decision Analytics Journal, 5, 100142. https://doi.org/10.1016/j.dajour.2022.100142
• Wang, C., Wang, B., Sun, Y., Wei, Y., Wang, K., Zhang, H., Liu, H., 2021. Intrusion detection for industrial control systems based on open set artificial neural network. Security and Communication Networks, 2021, 1–14. https://doi.org/10. 1155/2021/4027900
• Yang, H., Wang, F., 2019. Wireless network intrusion detection based on improved convolutional neural network. Ieee Access, 7, 64366–64374. https://doi.org/ 10.1109/ACCESS.2019.2917299