An Approach for Host-Based Intrusion Detection System Design Using Convolutional Neural Network

• Published in: Mobile Networks and Management Vol. 235; pp. 116 - 126
• Main Authors: Tran, Nam Nhat, Sarker, Ruhul, Hu, Jiankun
• Format: Book Chapter
• Language: English
• Published: Switzerland Springer International Publishing AG 2018; Springer International Publishing
• Series: Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
• Subjects: Convolutional Neural Network; Host-Based; Intrusion Detection System
• ISBN: 3319907743; 9783319907741
• ISSN: 1867-8211; 1867-822X
• DOI: 10.1007/978-3-319-90775-8_10

Along with the drastic growth of telecommunication and networking, the cyber-threats are getting more and more sophisticated and certainly leading to severe consequences. With the fact that various segments of industrial systems are deployed with Information and Computer Technology, the damage of cyber-attacks is now expanding to physical infrastructure. In order to mitigate the damage as well as reduce the False Alarm Rate, an advanced yet well-design Intrusion Detection System (IDS) must be deployed. This paper focuses on system call traces as an object for designing a Host-based anomaly IDS. Sharing several similarities with research objects in Natural Language Processing and Image Recognition, a Host-based IDS design procedure based on Convolutional Neural Network (CNN) for system call traces is implemented. The decent preliminary results harvested from modern benchmarking datasets NGIDS-DS and ADFA-LD demonstrated this approachs feasibility.