Loading…

Variant Gated Recurrent Units With Encoders to Preprocess Packets for Payload-Aware Intrusion Detection

This paper investigates variant-gated recurrent units with encoders to preprocess packets for payload-aware intrusion detection. The variant-gated recurrent units include an encoded gated recurrent unit (E-GRU) and an encoded binarized gated recurrent unit (E-BinGRU). First, the originally collected...

Full description

Saved in:

Bibliographic Details
Published in:	IEEE access 2019, Vol.7, p.49985-49998
Main Authors:	Hao, Yiran, Sheng, Yiqiang, Wang, Jinlin
Format:	Article
Language:	English
Subjects:	Accuracy Binary Coders Communications traffic Computer architecture encoder False alarms Feature extraction gated recurrent unit Headers Intrusion detection Intrusion detection systems Logic gates Manuals network security packet preprocessing Packets (communication) payload-aware intrusion detection Payloads Recurrent neural networks
Citations:	Items that this one cites Items that cite this one
Online Access:	Get full text
Tags:	Add Tag No Tags, Be the first to tag this record!

cited_by	cdi_FETCH-LOGICAL-c408t-b1630ebde09cf73c5d843fe1350e4b96b80aa857656a99ad51b4dc1a0ea606713
cites	cdi_FETCH-LOGICAL-c408t-b1630ebde09cf73c5d843fe1350e4b96b80aa857656a99ad51b4dc1a0ea606713
container_end_page	49998
container_issue
container_start_page	49985
container_title	IEEE access
container_volume	7
creator	Hao, Yiran Sheng, Yiqiang Wang, Jinlin
description	This paper investigates variant-gated recurrent units with encoders to preprocess packets for payload-aware intrusion detection. The variant-gated recurrent units include an encoded gated recurrent unit (E-GRU) and an encoded binarized gated recurrent unit (E-BinGRU). First, the originally collected traffic is split into packets that are segmented into fixed length. Next, the temporal features of the segmented packets with payloads and headers are extracted by the encoders of variant-gated recurrent units. Then, the performance of the intrusion detection system (IDS) is evaluated in terms of accuracy, detection rate, and false alarm rate. It is worth noting that we use the encoder to automatically preprocess network packets to obtain the features that accurately represent the network packets. The variant-gated recurrent units automatically learn network packet payload and header features to effectively improve the detection rate of the IDS. In addition, the E-BinGRU drastically reduces the memory size required and replaces most arithmetic operations with the bit-wise operations. E-GRU and E-BinGRU have never been used before in the network intrusion detection. The experimental results based on ISCX2012 show that the intrusion detection based on the investigated variant-gated recurrent units achieves higher accuracy and detection rates than three of the state-of-the-art methods. The accuracy rates of E-GRU and E-BinGRU are up to 99.9% and 99.7%, respectively, and the detection rates of E-GRU and E-BinGRU are up to 99.9% and 99.8%, respectively. The memory usage of E-GRU is approximately 32 times that of GRU.
doi_str_mv	10.1109/ACCESS.2019.2910860
format	article
fullrecord	<record><control><sourceid>proquest_ieee_</sourceid><recordid>TN_cdi_proquest_journals_2455604884</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>8689015</ieee_id><doaj_id>oai_doaj_org_article_43dabce7608446688d91e66e27fbfc0f</doaj_id><sourcerecordid>2455604884</sourcerecordid><originalsourceid>FETCH-LOGICAL-c408t-b1630ebde09cf73c5d843fe1350e4b96b80aa857656a99ad51b4dc1a0ea606713</originalsourceid><addsrcrecordid>eNpNUU1vFDEMjRBIVEt_QS8jcZ7FmXxMclwtS1mpEhWlcIw8iafMskxKklXVf0_KVBW--Nnye7b1GLvgsOYc7IfNdru7uVl3wO26sxyMhlfsrOPatkIJ_fo__Jad53yAGqa2VH_G7r5jmnAuzSUWCs1X8qeUqNa381Ry82MqP5vd7GOglJsSm-tE9yl6yrm5Rv-L6swYU8WPx4ih3TxgomY_l3TKU5ybj1TIl4resTcjHjOdP-cVu_20-7b93F59udxvN1etl2BKO3AtgIZAYP3YC6-CkWIkLhSQHKweDCAa1Wul0VoMig8yeI5AqEH3XKzYftENEQ_uPk2_MT26iJP714jpzmEqkz-SkyLg4KnXYKTU2phgOWlNXT8Oo4exar1ftOrHf06UizvEU5rr-a6TSmmQpl63YmKZ8inmnGh82crBPRnkFoPck0Hu2aDKulhYExG9MIw2FrgSfwHrWYzF</addsrcrecordid><sourcetype>Open Website</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2455604884</pqid></control><display><type>article</type><title>Variant Gated Recurrent Units With Encoders to Preprocess Packets for Payload-Aware Intrusion Detection</title><source>IEEE Xplore Open Access Journals</source><creator>Hao, Yiran ; Sheng, Yiqiang ; Wang, Jinlin</creator><creatorcontrib>Hao, Yiran ; Sheng, Yiqiang ; Wang, Jinlin</creatorcontrib><description>This paper investigates variant-gated recurrent units with encoders to preprocess packets for payload-aware intrusion detection. The variant-gated recurrent units include an encoded gated recurrent unit (E-GRU) and an encoded binarized gated recurrent unit (E-BinGRU). First, the originally collected traffic is split into packets that are segmented into fixed length. Next, the temporal features of the segmented packets with payloads and headers are extracted by the encoders of variant-gated recurrent units. Then, the performance of the intrusion detection system (IDS) is evaluated in terms of accuracy, detection rate, and false alarm rate. It is worth noting that we use the encoder to automatically preprocess network packets to obtain the features that accurately represent the network packets. The variant-gated recurrent units automatically learn network packet payload and header features to effectively improve the detection rate of the IDS. In addition, the E-BinGRU drastically reduces the memory size required and replaces most arithmetic operations with the bit-wise operations. E-GRU and E-BinGRU have never been used before in the network intrusion detection. The experimental results based on ISCX2012 show that the intrusion detection based on the investigated variant-gated recurrent units achieves higher accuracy and detection rates than three of the state-of-the-art methods. The accuracy rates of E-GRU and E-BinGRU are up to 99.9% and 99.7%, respectively, and the detection rates of E-GRU and E-BinGRU are up to 99.9% and 99.8%, respectively. The memory usage of E-GRU is approximately 32 times that of GRU.</description><identifier>ISSN: 2169-3536</identifier><identifier>EISSN: 2169-3536</identifier><identifier>DOI: 10.1109/ACCESS.2019.2910860</identifier><identifier>CODEN: IAECCG</identifier><language>eng</language><publisher>Piscataway: IEEE</publisher><subject>Accuracy ; Binary ; Coders ; Communications traffic ; Computer architecture ; encoder ; False alarms ; Feature extraction ; gated recurrent unit ; Headers ; Intrusion detection ; Intrusion detection systems ; Logic gates ; Manuals ; network security ; packet preprocessing ; Packets (communication) ; payload-aware intrusion detection ; Payloads ; Recurrent neural networks</subject><ispartof>IEEE access, 2019, Vol.7, p.49985-49998</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2019</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c408t-b1630ebde09cf73c5d843fe1350e4b96b80aa857656a99ad51b4dc1a0ea606713</citedby><cites>FETCH-LOGICAL-c408t-b1630ebde09cf73c5d843fe1350e4b96b80aa857656a99ad51b4dc1a0ea606713</cites><orcidid>0000-0002-2377-4178 ; 0000-0002-8452-2492</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/8689015$$EHTML$$P50$$Gieee$$Hfree_for_read</linktohtml><link.rule.ids>314,780,784,4024,27633,27923,27924,27925,54933</link.rule.ids></links><search><creatorcontrib>Hao, Yiran</creatorcontrib><creatorcontrib>Sheng, Yiqiang</creatorcontrib><creatorcontrib>Wang, Jinlin</creatorcontrib><title>Variant Gated Recurrent Units With Encoders to Preprocess Packets for Payload-Aware Intrusion Detection</title><title>IEEE access</title><addtitle>Access</addtitle><description>This paper investigates variant-gated recurrent units with encoders to preprocess packets for payload-aware intrusion detection. The variant-gated recurrent units include an encoded gated recurrent unit (E-GRU) and an encoded binarized gated recurrent unit (E-BinGRU). First, the originally collected traffic is split into packets that are segmented into fixed length. Next, the temporal features of the segmented packets with payloads and headers are extracted by the encoders of variant-gated recurrent units. Then, the performance of the intrusion detection system (IDS) is evaluated in terms of accuracy, detection rate, and false alarm rate. It is worth noting that we use the encoder to automatically preprocess network packets to obtain the features that accurately represent the network packets. The variant-gated recurrent units automatically learn network packet payload and header features to effectively improve the detection rate of the IDS. In addition, the E-BinGRU drastically reduces the memory size required and replaces most arithmetic operations with the bit-wise operations. E-GRU and E-BinGRU have never been used before in the network intrusion detection. The experimental results based on ISCX2012 show that the intrusion detection based on the investigated variant-gated recurrent units achieves higher accuracy and detection rates than three of the state-of-the-art methods. The accuracy rates of E-GRU and E-BinGRU are up to 99.9% and 99.7%, respectively, and the detection rates of E-GRU and E-BinGRU are up to 99.9% and 99.8%, respectively. The memory usage of E-GRU is approximately 32 times that of GRU.</description><subject>Accuracy</subject><subject>Binary</subject><subject>Coders</subject><subject>Communications traffic</subject><subject>Computer architecture</subject><subject>encoder</subject><subject>False alarms</subject><subject>Feature extraction</subject><subject>gated recurrent unit</subject><subject>Headers</subject><subject>Intrusion detection</subject><subject>Intrusion detection systems</subject><subject>Logic gates</subject><subject>Manuals</subject><subject>network security</subject><subject>packet preprocessing</subject><subject>Packets (communication)</subject><subject>payload-aware intrusion detection</subject><subject>Payloads</subject><subject>Recurrent neural networks</subject><issn>2169-3536</issn><issn>2169-3536</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2019</creationdate><recordtype>article</recordtype><sourceid>ESBDL</sourceid><sourceid>DOA</sourceid><recordid>eNpNUU1vFDEMjRBIVEt_QS8jcZ7FmXxMclwtS1mpEhWlcIw8iafMskxKklXVf0_KVBW--Nnye7b1GLvgsOYc7IfNdru7uVl3wO26sxyMhlfsrOPatkIJ_fo__Jad53yAGqa2VH_G7r5jmnAuzSUWCs1X8qeUqNa381Ry82MqP5vd7GOglJsSm-tE9yl6yrm5Rv-L6swYU8WPx4ih3TxgomY_l3TKU5ybj1TIl4resTcjHjOdP-cVu_20-7b93F59udxvN1etl2BKO3AtgIZAYP3YC6-CkWIkLhSQHKweDCAa1Wul0VoMig8yeI5AqEH3XKzYftENEQ_uPk2_MT26iJP714jpzmEqkz-SkyLg4KnXYKTU2phgOWlNXT8Oo4exar1ftOrHf06UizvEU5rr-a6TSmmQpl63YmKZ8inmnGh82crBPRnkFoPck0Hu2aDKulhYExG9MIw2FrgSfwHrWYzF</recordid><startdate>2019</startdate><enddate>2019</enddate><creator>Hao, Yiran</creator><creator>Sheng, Yiqiang</creator><creator>Wang, Jinlin</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>ESBDL</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>7SR</scope><scope>8BQ</scope><scope>8FD</scope><scope>JG9</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>DOA</scope><orcidid>https://orcid.org/0000-0002-2377-4178</orcidid><orcidid>https://orcid.org/0000-0002-8452-2492</orcidid></search><sort><creationdate>2019</creationdate><title>Variant Gated Recurrent Units With Encoders to Preprocess Packets for Payload-Aware Intrusion Detection</title><author>Hao, Yiran ; Sheng, Yiqiang ; Wang, Jinlin</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c408t-b1630ebde09cf73c5d843fe1350e4b96b80aa857656a99ad51b4dc1a0ea606713</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2019</creationdate><topic>Accuracy</topic><topic>Binary</topic><topic>Coders</topic><topic>Communications traffic</topic><topic>Computer architecture</topic><topic>encoder</topic><topic>False alarms</topic><topic>Feature extraction</topic><topic>gated recurrent unit</topic><topic>Headers</topic><topic>Intrusion detection</topic><topic>Intrusion detection systems</topic><topic>Logic gates</topic><topic>Manuals</topic><topic>network security</topic><topic>packet preprocessing</topic><topic>Packets (communication)</topic><topic>payload-aware intrusion detection</topic><topic>Payloads</topic><topic>Recurrent neural networks</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Hao, Yiran</creatorcontrib><creatorcontrib>Sheng, Yiqiang</creatorcontrib><creatorcontrib>Wang, Jinlin</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE Xplore Open Access Journals</collection><collection>IEEE All-Society Periodicals Package (ASPP) Online</collection><collection>IEEE Xplore (Online service)</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics & Communications Abstracts</collection><collection>Engineered Materials Abstracts</collection><collection>METADEX</collection><collection>Technology Research Database</collection><collection>Materials Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>DOAJ Directory of Open Access Journals</collection><jtitle>IEEE access</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Hao, Yiran</au><au>Sheng, Yiqiang</au><au>Wang, Jinlin</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Variant Gated Recurrent Units With Encoders to Preprocess Packets for Payload-Aware Intrusion Detection</atitle><jtitle>IEEE access</jtitle><stitle>Access</stitle><date>2019</date><risdate>2019</risdate><volume>7</volume><spage>49985</spage><epage>49998</epage><pages>49985-49998</pages><issn>2169-3536</issn><eissn>2169-3536</eissn><coden>IAECCG</coden><abstract>This paper investigates variant-gated recurrent units with encoders to preprocess packets for payload-aware intrusion detection. The variant-gated recurrent units include an encoded gated recurrent unit (E-GRU) and an encoded binarized gated recurrent unit (E-BinGRU). First, the originally collected traffic is split into packets that are segmented into fixed length. Next, the temporal features of the segmented packets with payloads and headers are extracted by the encoders of variant-gated recurrent units. Then, the performance of the intrusion detection system (IDS) is evaluated in terms of accuracy, detection rate, and false alarm rate. It is worth noting that we use the encoder to automatically preprocess network packets to obtain the features that accurately represent the network packets. The variant-gated recurrent units automatically learn network packet payload and header features to effectively improve the detection rate of the IDS. In addition, the E-BinGRU drastically reduces the memory size required and replaces most arithmetic operations with the bit-wise operations. E-GRU and E-BinGRU have never been used before in the network intrusion detection. The experimental results based on ISCX2012 show that the intrusion detection based on the investigated variant-gated recurrent units achieves higher accuracy and detection rates than three of the state-of-the-art methods. The accuracy rates of E-GRU and E-BinGRU are up to 99.9% and 99.7%, respectively, and the detection rates of E-GRU and E-BinGRU are up to 99.9% and 99.8%, respectively. The memory usage of E-GRU is approximately 32 times that of GRU.</abstract><cop>Piscataway</cop><pub>IEEE</pub><doi>10.1109/ACCESS.2019.2910860</doi><tpages>14</tpages><orcidid>https://orcid.org/0000-0002-2377-4178</orcidid><orcidid>https://orcid.org/0000-0002-8452-2492</orcidid><oa>free_for_read</oa></addata></record>
fulltext	fulltext
identifier	ISSN: 2169-3536
ispartof	IEEE access, 2019, Vol.7, p.49985-49998
issn	2169-3536 2169-3536
language	eng
recordid	cdi_proquest_journals_2455604884
source	IEEE Xplore Open Access Journals
subjects	Accuracy Binary Coders Communications traffic Computer architecture encoder False alarms Feature extraction gated recurrent unit Headers Intrusion detection Intrusion detection systems Logic gates Manuals network security packet preprocessing Packets (communication) payload-aware intrusion detection Payloads Recurrent neural networks
title	Variant Gated Recurrent Units With Encoders to Preprocess Packets for Payload-Aware Intrusion Detection
url	http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-29T14%3A21%3A39IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_ieee_&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Variant%20Gated%20Recurrent%20Units%20With%20Encoders%20to%20Preprocess%20Packets%20for%20Payload-Aware%20Intrusion%20Detection&rft.jtitle=IEEE%20access&rft.au=Hao,%20Yiran&rft.date=2019&rft.volume=7&rft.spage=49985&rft.epage=49998&rft.pages=49985-49998&rft.issn=2169-3536&rft.eissn=2169-3536&rft.coden=IAECCG&rft_id=info:doi/10.1109/ACCESS.2019.2910860&rft_dat=%3Cproquest_ieee_%3E2455604884%3C/proquest_ieee_%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c408t-b1630ebde09cf73c5d843fe1350e4b96b80aa857656a99ad51b4dc1a0ea606713%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2455604884&rft_id=info:pmid/&rft_ieee_id=8689015&rfr_iscdi=true