Á¤º¸°úÇÐȸ³í¹®Áö (Journal of KIISE)
Current Result Document : 248 / 248
ÇѱÛÁ¦¸ñ(Korean Title) |
LSTM°ú ÀÓº£µù ±â¹ýÀ» È°¿ëÇÑ ³×Æ®¿öÅ© ħÀÔ Å½Áö ¸ðµ¨ |
¿µ¹®Á¦¸ñ(English Title) |
Improvement in Network Intrusion Detection based on LSTM and Feature Embedding |
ÀúÀÚ(Author) |
±ÇÇõ¹Î
ÀÌûÁØ
±Ý¶ô¿î
ÃÖÈñ¿
Hyeokmin Gwon
Chungjun Lee
Rakun Keum
Heeyoul Choi
|
¿ø¹®¼ö·Ïó(Citation) |
VOL 48 NO. 04 PP. 0418 ~ 0424 (2021. 04) |
Çѱ۳»¿ë (Korean Abstract) |
NIDS(Network Intrusion Detection System)´Â ³×Æ®¿öÅ© °æ°è º¸¾È¿¡ ÇʼöÀûÀÎ µµ±¸·Î½á ³×Æ®¿öÅ© ħÀÔÀ» °¨ÁöÇϱâ À§ÇØ ³×Æ®¿öÅ© Æ®·¡ÇÈ ÆÐŶÀ» °Ë»çÇÑ´Ù. ÇöÁ¸ÇÏ´Â ¸¹Àº ¿¬±¸µéÀº NIDS¸¦ ±¸ÃàÇÏ ±â À§ÇØ ±â°è ÇнÀ ±â¹ýÀ» »ç¿ëÇߴµ¥, ÀÌ·¯ÇÑ ¿¬±¸µéÀº ´Ù¾çÇÑ ÀΰøÁö´É ¾Ë°í¸®ÁòÀÇ È¿°ú¸¦ ÀÔÁõÇßÁö¸¸, ³×Æ®¿öÅ© Æ®·¡ÇÈ µ¥ÀÌÅÍÀÇ ½Ã°è¿ Á¤º¸¸¦ È°¿ëÇÏ´Â °æ¿ì´Â µå¹°¾ú´Ù. ½Å°æ¸Á ±â¹Ý ¸ðµ¨À» ÀÌ¿ëÇÑ ¿¬±¸¿¡´Â ³×Æ®¿öÅ© Æ®·¡ÇÈ µ¥ÀÌÅÍÀÇ ¹üÁÖÇü Á¤º¸¸¦ º¸´Ù ´õ È¿°úÀûÀ¸·Î È°¿ëÇÒ ¼ö ÀÖ´Â °¡´É¼ºÀÌ ³²¾ÆÀÖ´Ù. º» ³í¹® ¿¡¼´Â LSTM(Long Short-Term Memory) ³×Æ®¿öÅ©¸¦ ÀÌ¿ëÇÑ ¼øÂ÷Á¤º¸¿Í ÀÓº£µù ±â¹ýÀ» ÀÌ¿ëÇÑ ¹üÁÖÇü Á¤º¸¿¡ ±Ù°ÅÇÑ ³×Æ®¿öÅ© ħÀÔ Å½Áö ¸ðµ¨À» Á¦¾ÈÇÑ´Ù. °ËÁõÀ» À§ÇØ Á¾ÇÕÀûÀÎ ³×Æ®¿öÅ© Æ®·¡ÇÈ µ¥ÀÌÅÍ ÁýÇÕ ÀÎ UNSW-NB15¸¦ ÀÌ¿ëÇÏ¿© ºñ±³ ½ÇÇèÀ» ¼öÇàÇÏ¿´°í, ½ÇÇè °á°ú´Â Á¦¾ÈµÈ ¹æ¹ýÀÌ 99.72%ÀÇ ÀÌÇ× ºÐ·ù Á¤È®µµ·Î ±âÁ¸ÀÇ ¹æ½Äµé º¸´Ù ³ôÀº ¼º´ÉÀ» º¸ÀÌ´Â °ÍÀ» È®ÀÎÇÏ¿´´Ù.
|
¿µ¹®³»¿ë (English Abstract) |
Network Intrusion Detection System (NIDS) is an essential tool for network perimeter security. NIDS inspects network traffic packets to detect network intrusions. Most of the existing works have used machine learning techniques for building the system. While the reported works demonstrated the effectiveness of various artificial intelligence algorithms, only a few of them have utilized the time-series information of network traffic data. Also, categorical information of network traffic data has not been included in neural network-based approaches. In this paper, we propose network intrusion detection models based on sequential information using the long short-term memory (LSTM) network and categorical information using the embedding technique. We have conducted experiments using models with UNSW-NB15, which is a comprehensive network traffic dataset. The experiment results confirm that the proposed method improves the performance, with a binary classification accuracy rate of 99.72%.
|
Å°¿öµå(Keyword) |
³×Æ®¿öÅ© ħÀÔŽÁö
±â°èÇнÀ
LSTM
Ư¡ ÀÓº£µù
network intrusion detection
machine learning
LSTM
feature embedding
|
ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|