International Journal of Wireless and Microwave Technologies (IJWMT)
IJWMT Vol. 13, No. 4, 8 Aug. 2023
Cover page and Table of Contents: PDF (size: 623KB)
Evaluating Linear and Non-linear Dimensionality Reduction Approaches for Deep Learning-based Network Intrusion Detection Systems
Full Text (PDF, 623KB), PP.35-46
Views: 0 Downloads: 0
Author(s)
Stephen Kahara Wanjau
1,*
Geoffrey Mariga Wambugu
2
Aaron Mogeni Oirere
1
Index Terms
Classification, Dimensionality Reduction, Feature Extraction, Network Intrusion Detection System, Isometric Feature Mapping, Principal Component Analysis
Abstract
Dimensionality reduction is an essential ingredient of machine learning modelling that seeks to improve the performance of such models by extracting better quality features from data while removing irrelevant and redundant ones. The technique aids reduce computational load, avoiding data over-fitting, and increasing model interpretability. Recent studies have revealed that dimensionality reduction can benefit from labeled information, through joint approximation of predictors and target variables from a low-rank representation. A multiplicity of linear and non-linear dimensionality reduction techniques are proposed in the literature contingent on the nature of the domain of interest. This paper presents an evaluation of the performance of a hybrid deep learning model using feature extraction techniques while being applied to a benchmark network intrusion detection dataset. We compare the performance of linear and non-linear feature extraction methods namely, the Principal Component Analysis and Isometric Feature Mapping respectively. The Principal Component Analysis is a non-parametric classical method normally used to extract a smaller representative dataset from high-dimensional data and classifies data that is linear in nature while preserving spatial characteristics. In contrast, Isometric Feature Mapping is a representative method in manifold learning that maps high-dimensional information into a lower feature space while endeavouring to maintain the neighborhood for each data point as well as the geodesic distances present among all pairs of data points. These two approaches were applied to the CICIDS 2017 network intrusion detection benchmark dataset to extract features. The extracted features were then utilized in the training of a hybrid deep learning-based intrusion detection model based on convolutional and a bi-direction long short term memory architecture and the model performance results were compared. The empirical results demonstrated the dominance of the Principal Component Analysis as compared to Isometric Feature Mapping in improving the performance of the hybrid deep learning model in classifying network intrusions. The suggested model attained 96.97% and 96.81% in overall accuracy and F1-score, respectively, when the PCA method was used for dimensionality reduction. The hybrid model further achieved a detection rate of 97.91% whereas the false alarm rate was reduced to 0.012 with the discriminative features reduced to 48. Thus the model based on the principal component analysis extracted salient features that improved detection rate and reduced the false alarm rate.
Cite This Paper
Stephen Kahara Wanjau, Geoffrey Mariga Wambugu, Aaron Mogeni Oirere, "Evaluating Linear and Non-linear Dimensionality Reduction Approaches for Deep Learning-based Network Intrusion Detection Systems", International Journal of Wireless and Microwave Technologies(IJWMT), Vol.13, No.4, pp. 35-46, 2023. DOI:10.5815/ijwmt.2023.04.05
Reference
[1]F. Salo, A. B. Nassif and A. Essex, "Dimensionality reduction with IG-PCA and ensemble classifier for network intrusion detection," Computer Networks, vol. 148, pp. 164-175, 2019.
[2]L. Zhang, M. Li, X. Wang and Y. Huang, "An Improved Network Intrusion Detection Based on Deep Neural Network," IOP Conference Series: Materials Science and Engineering, vol. 563 , pp. 1-8, May 2019.
[3]K. Trieu and Y. Yang, "Artificial Intelligence - Based Password Brute Force Attacks," in Proceedings of the Thirteenth Midwest Association for Information Systems Conference, Saint Louis, Missouri, May 17-18, 2018.
[4]T. Poggio and Q. Liao, "Theory I: Deep networks and the curse of dimensionality," BULLETIN OF THE POLISH ACADEMY OF SCIENCES TECHNICAL SCIENCES, vol. 66, no. 6, pp. 761-773, 2018.
[5]R. Abdulhammed, H. Musafer, A. Alessa, M. Faezipour and A. Abuzneid, "Features Dimensionality Reduction Approaches for Machine Learning Based Network Intrusion Detection," Electronics, vol. 8, no. 322, pp. 1-27, 2019.
[6]A. Hijazi, E.-A. Safadi and J.-M. Flaus, "A Deep Learning Approach for Intrusion Detection System in Industry Network," CEUR-WS, vol. 2343, pp. 55-62, 2020.
[7]B. Lee, S. Amaresh, C. Green and D. Engels, "Comparative Study of Deep Learning Models for Network Intrusion Detection," SMU Data Science Review, vol. 1, no. 1, 2018).
[8]Y. Fu, Y. Du, Z. Cao, Q. Li and W. A. Xiang, "Deep Learning Model for Network Intrusion Detection with Imbalanced Data," Electronics, vol. 11, no. 898, p. 13, 2022.
[9]L. Ashiku and C. Dagli, "Network Intrusion Detection System using Deep Learning," Procedia Computer Science, vol. 185, pp. 239-247, 2021.
[10]R. Chalapathy and S. Chawla, "DEEP LEARNING FOR ANOMALY DETECTION: A SURVEY," ArXiv Preprints, p. ArXiv:1901.03407v2, 2019.
[11]G. Wang, J. Yang and R. Li, "An Anomaly Detection Framework Based on ICA and Bayesian Classification for IaaS Platforms," KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, vol. 10, no. 8, pp. 3 865-3 883, August 2016.
[12]S. Velliangiri, S. Alagumuthukrishnan, S. Iwin and J. Thankumar, "A Review of Dimensionality Reduction Techniques for Efficient Computation," Procedia Computer Science, vol. 169, pp. 104-111, 2019.
[13]W. C. Y. &. S. W. Zong, "Dimensionality Reduction and Visualization of Network Intrusion Detection Data.," in Lecture Notes in Computer Science, 2019, pp. 441-455.
[14]Canadian Institute for Cybersecurity, "Intrusion Detection Evaluation Dataset (CICIDS2017)," Canadian Institute for Cybersecurity, 2017. [Online]. Available: http://www.unb.ca/cic/datasets/ids-2017.html. [Accessed 19 November 2020].
[15]A. Thakkar and R. Lohiya, "Review of the Advancement in Intrusion Detection Datasets," Procedia Computer Science, vol. 167, pp. 636-645, 2020.
[16]R. Vinayakumar, M. Alazab, K. Soman, P. Poornachandran, A. Al-Nemrat and S. Venkatraman, "Deep Learning Approach for Intelligent Intrusion Detection System," IEEE Access, pp. 41525-41550, 2019.
[17]B. ChandraSekhar, A. Niranjan and G. VenkataRamiReddy, "Dimensionality Reduction using Deep Learning Techniques," International Journal of Psychosocial Rehabilitation, vol. 24, no. 6, pp. 1137-1143, 2020.
[18]K. -M. Zheng, X. Qian and N. An, "Supervised Non-Linear Dimensionality Reduction Techniques for Classification in Intrusion Detection," in 2010 International Conference on Artificial Intelligence and Computational Intelligence, Sanya, China, 2010.
[19]H. Elkassabi, M. Ashour and F. Zaki, "A PROPOSED MODEL FOR DIMENSIONALITY REDUCTION TO IMPROVE THE CLASSIFICATION CAPABILITY OF INTRUSION PROTECTION SYSTEMS," International Journal of Network Security & Its Application (IJNSA), vol. 12, no. 4, pp. 17-37, July 2020.
[20]T. N. Varunram, M. B. Shivaprasad, K. H. Aishwarya, A. Balraj, S. V. Savish and S. Ullas, "Analysis of Different Dimensionality Reduction Techniques and Machine Learning Algorithms for an Intrusion Detection System," in 2021 IEEE 6th International Conference on Computing, Communication and Automation (ICCCA), Arad, Romania, 2021.
[21]V. Kouliaridis, N. Potha and G. Kambourakis, "Improving Android Malware Detection Through Dimensionality Reduction Techniques," in Machine Learning for Networking: Third International Conference, MLN 2020, Paris, France, 2020.
[22]Q. Niyaz, "Design and Implementation of a Deep Learning based Intrusion Detection System in Software-Defined Networking Environments," 2017.
[23]F. Laghrissi, S. Douzi and K. Douzi, "Intrusion detection systems using long short-term memory (LSTM)," Journal of Big Data , vol. 8, no. 65, p. 16, 2021.
[24]S. M. Yadav and R. Kalpana, "Effective Dimensionality Reduction Techniques for Network Intrusion Detection System Based on Deep Learning," in Data Intelligence and Cognitive Informatics: Proceedings of ICDICI 2020 (Algorithms for Intelligent Systems), 1st ed., I. J. Jacob, S. Shanmugam, S. Piramuthu and P. Falkowski-Gilski, Eds., Springer Nature Singapore Pte Ltd, 2022, pp. 507-516.
[25]S. Alotaibi, K. Yadav, A. Aledaily, L. Alkwai, A. K. Yousef Dafhalla, S. Almansour and V. Lingamuthu, "Deep Neural Network-Based Intrusion Detection System through PCA," Mathematical Problems in Engineering, vol. 2022, p. 9, 2022.
[26]I. de-la-Bandera, D. Palacios, J. Mendoza and R. Barco, "Feature Extraction for Dimensionality Reduction in Cellular Networks Performance Analysis," Sensors(Basel), vol. 20, no. 23, p. 10, 4 Dec 2020.
[27]R. Khandelwal, "A Comprehensive Guide to Dimensionality Reduction," 17 January 2022. [Online]. Available: https://arshren.medium.com/a-comprehensive-guide-to-dimensionality-reduction-851624b7377d. [Accessed 28 June 2022].
[28]D. Mishra and S. Sharma, "Performance Analysis of Dimensionality Reduction Techniques: A Comprehensive Review," Advances in Mechanical Engineering, p. 639–651, 2021.
[29]G. E. Hinton and R. R. Salakhutdinov, "Reducing the dimensionality of data with neural networks," Science, vol. 313, no. 5786, pp. 504-507, 2006.
[30]C. Sorzano, J. Vargas and A. Montano, "A survey of dimensionality reduction techniques," arXiv2014, p. arXiv:1403.2877, 2014.
[31]Y. Xiao, C. Xing, T. Zhang and Z. Zhao, "An Intrusion Detection Model Based on Feature Reduction and Convolutional Neural Networks," IEEE Access, vol. 7, pp. 42210-42219, 2019.
[32]K. K. Vasan and B. Surendiran, "Dimensionality reduction using Principal Component Analysis for network intrusion detection," Perspectives in Science, vol. 8, pp. 510-512, 2016.
[33]W. Jia, M. Sun, J. Lian and S. Hou, "Feature dimensionality reduction: a review," Complex & Intelligent Systems, vol. 8, p. 2663–2693, 2022.
[34]X. Liu, P. Ma and G. Li, "Research on Adaptive ISOMAP Algorithm and Application in Intrusion Detection," Journal of Physics: Conference Series, vol. 1607, pp. 1-10, 2020.
[35]F. Chollet, "Keras," GitHub repository, 2015.
[36]TensorFlow, "An end-to-end open source machine learning platform," 30 Oct 2020. [Online]. Available: https://www.tensorflow.org/api_docs/python/tf.
[37]R. Abdulhammed, M. Faezipour, H. Musafer and A. Abuzneid, "Efficient Network Intrusion Detection Using PCA-Based Dimensionality Reduction of Features," in 2019 International Symposium on Networks, Computers and Communications (ISNCC), Istanbul, Turkey, 2019.
[38]I. Jolliffe and J. Cadima, "Principal component analysis: a review and recent developments," Phil. Trans. R. Soc. A., vol. 374, 2016.