Dimitrios Papamartzivanos, Félix Gómez Mármol, Georgios Kambourakis
IEEE Access, vol. 7, no. 1, pp. 13546-13560
Publication year: 2019

Abstract

Intrusion detection systems (IDSs) are essential elements when it comes to the protection of an ICT infrastructure. Misuse IDSs are a stable method that can achieve high attack detection rates (ADR), while keeping false alarm rates under acceptable levels. However, misuse IDSs suffer from the lack of agility, as they are unqualified to adapt to new and “unknown” environments. That is, such an IDS puts a security administrator into an intensive engineering task for keeping the IDS up-to-date every time it faces efficiency drops. Considering the extended size of modern networks and the complexity of big network traffic data, the problem exceeds by far the limits of human managing capabilities. In this regard, we propose a novel methodology which combines the benefits of self-taught learning and MAPE-K frameworks to deliver a scalable, self-adaptive and autonomous misuse IDS. Our methodology enables a misuse IDS to sustain a high ADR even if it is imposed to consecutive and drastic environmental changes. Through the utilization of deep-learning based methods, the IDS is able to grasp an attack’s nature based on generalized features reconstructions stemming directly from the unknown environment and its unlabeled data. The experimental results reveal that our methodology can breathe new life into the IDS without the constant need of manually refreshing its training set. We evaluate our proposal under several classification metrics, and we show that it is able to increase the ADR of the IDS up to 73.37% in critical situations where a statically trained IDS is rendered totally ineffective.

Related Publications


Dendron: Genetic Trees driven Rule Induction for Network Intrusion Detection Systems

Journal (Q1)
Dimitrios Papamartzivanos, Félix Gómez Mármol, Georgios Kambourakis
Future Generation Computer Systems, vol. 79, no. 2, pp. 558-574
Publication year: 2018

Building a reputation-based bootstrapping mechanism for newcomers in collaborative alert systems

Journal (Q2)
Manuel Gil Pérez, Félix Gómez Mármol, Gregorio Martínez Pérez, Antonio F. Skarmeta Gómez
Journal of Computer and System Sciences, Special Issue on Wireless Networks Intrusion, vol. 80, no. 3, pp. 571-590
Publication year: 2014

Co-Authors

This work would not have been possible without the inestimable contribution of:

  • Dimitrios Papamartzivanos, University of the Aegean (Greece)
  • Georgios Kambourakis, University of the Aegean (Greece)

Citation

Dimitrios Papamartzivanos, Félix Gómez Mármol, Georgios Kambourakis, «Introducing Deep Learning Self-Adaptive Misuse Network Intrusion Detection Systems», IEEE Access, vol. 7, no. 1, pp. 13546-13560, 2019

Journal Ranking & Impact Factor

  • Journal: IEEE Access
  • Category: Computer Science, Information Systems
  • Rank: 23/155
  • Quartile: Q1
  • Impact Factor: 4.098