AI-IDS: Application of Deep Learning to Real-Time Web Intrusion Detection
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Kim, Aechan | - |
dc.contributor.author | Park, Mohyun | - |
dc.contributor.author | Lee, Dong Hoon | - |
dc.date.accessioned | 2021-08-31T16:08:18Z | - |
dc.date.available | 2021-08-31T16:08:18Z | - |
dc.date.created | 2021-06-18 | - |
dc.date.issued | 2020 | - |
dc.identifier.issn | 2169-3536 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/59013 | - |
dc.description.abstract | Deep Learning has been widely applied to problems in detecting various network attacks. However, no cases on network security have shown applications of various deep learning algorithms in real-time services beyond experimental conditions. Moreover, owing to the integration of high-performance computing, it is necessary to apply systems that can handle large-scale traffic. Given the rapid evolution of web-attacks, we implemented and applied our Artificial Intelligence-based Intrusion Detection System (AI-IDS). We propose an optimal convolutional neural network and long short-term memory network (CNN-LSTM) model, normalized UTF-8 character encoding for Spatial Feature Learning (SFL) to adequately extract the characteristics of real-time HTTP traffic without encryption, calculating entropy, and compression. We demonstrated its excellence through repeated experiments on two public datasets (CSIC-2010, CICIDS2017) and fixed real-time data. By training payloads that analyzed true or false positives with a labeling tool, AI-IDS distinguishes sophisticated attacks, such as unknown patterns, encoded or obfuscated attacks from benign traffic. It is a flexible and scalable system that is implemented based on Docker images, separating user-defined functions by independent images. It also helps to write and improve Snort rules for signature-based IDS based on newly identified patterns. As the model calculates the malicious probability by continuous training, it could accurately analyze unknown web-attacks. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC | - |
dc.subject | DETECTION SYSTEMS | - |
dc.title | AI-IDS: Application of Deep Learning to Real-Time Web Intrusion Detection | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Lee, Dong Hoon | - |
dc.identifier.doi | 10.1109/ACCESS.2020.2986882 | - |
dc.identifier.scopusid | 2-s2.0-85083901365 | - |
dc.identifier.wosid | 000549829900014 | - |
dc.identifier.bibliographicCitation | IEEE ACCESS, v.8, pp.70245 - 70261 | - |
dc.relation.isPartOf | IEEE ACCESS | - |
dc.citation.title | IEEE ACCESS | - |
dc.citation.volume | 8 | - |
dc.citation.startPage | 70245 | - |
dc.citation.endPage | 70261 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Engineering | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Engineering, Electrical & Electronic | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.subject.keywordPlus | DETECTION SYSTEMS | - |
dc.subject.keywordAuthor | Intrusion detection | - |
dc.subject.keywordAuthor | Feature extraction | - |
dc.subject.keywordAuthor | Machine learning | - |
dc.subject.keywordAuthor | Real-time systems | - |
dc.subject.keywordAuthor | Wireless sensor networks | - |
dc.subject.keywordAuthor | Payloads | - |
dc.subject.keywordAuthor | Computer networks | - |
dc.subject.keywordAuthor | intrusion detection | - |
dc.subject.keywordAuthor | neural networks | - |
dc.subject.keywordAuthor | large-scale systems | - |
dc.subject.keywordAuthor | intelligent systems | - |
dc.subject.keywordAuthor | real time systems | - |
dc.subject.keywordAuthor | security | - |
dc.subject.keywordAuthor | CNN-LSTM | - |