A Proactive Model for Intrusion Detection Using Image Representation of Network Flows
Journal
IEEE Access
Date Issued
January 1, 2024
DOI
10.1109/ACCESS.2024.3489772
Abstract
Many interconnected IoT devices driven by imperatives of efficiency and convenience often lack adequate security measures, making them susceptible to exploitation by cyber-criminals. Effective network security necessitates meticulous intrusion detection, which typically involves scrutinizing the network traffic using deep packet or stateful protocol inspection techniques. However, traditional inspection methods often require manual feature engineering, which can result in loss of payload information and thus, false alarms. In this study, a controlled testbed environment is established to capture botnet traffic. The paper introduces a detection approach that involves converting raw NetFlow data to IDX, short for 'Index,' image representations. A hybrid deep learning architecture is designed, integrating VGG19 and GRU structures to learn the spatial and temporal features, respectively. The detection results show that the proposed solution achieves 98.883% true positives rate and 0.9% false negatives rate, surpassing conventional anomaly detection. In addition, an adaptive sliding window technique is introduced for live intrusion detection and prevention. Through iterative testing and refinement, a runtime of 0.041 ms per image and 0.00171 ms per packet is achieved, confirming the robust nature of the proposed method.
File(s)![Thumbnail Image]()
Name
A_Proactive_Model_for_Intrusion.pdf
Size
1.98 MB
Format
Adobe PDF
Checksum (MD5)
2c11352522c87b4c59c16caebe5dfb40