An Intrusion Detection System Based on Reinforcement Learning
Abstract
Over the last few years, several techniques have been proposed for network-based intrusion detection. However, despite the promising results reported, these techniques do not deal with changes in network traffic over time. In this paper, an approach based on a reinforcement learning technique and on assessing the reliability of classifications is proposed to maintain the accuracy of the system over time. With this technique we seek to build models that maintain accuracy for longer periods and that assess reliability while maintaining accuracy even with outdated models. Experiments performed on a year of network traffic showed that the proposed approach is capable of maintaining accuracy for 8 months and reliability for the evaluated period.
