TY - JOUR
T1 - Deep learning-based feature extraction and optimizing pattern matching for intrusion detection using finite state machine
AU - Abbasi, Junaid Shabbir
AU - Bashir, Faisal
AU - Qureshi, Kashif Naseer
AU - Najam ul Islam, Muhammad
AU - Jeon, Gwanggil
N1 - Publisher Copyright:
© 2021
PY - 2021/6
Y1 - 2021/6
N2 - Deep learning has gained popularity for feature extraction in the field of Network Intrusion Detection and Prevention System (NIDPS) to extract the patterns matching and secure the networks by detecting the unknown and malicious activities. The malicious activities and security attacks are disturbing the normal operations of networks. The new attacks are difficult to monitor due to their new features and pattern types. Different types of methods have been adopted for feature extraction and pattern matching. Deep learning is one of them and a subfield of machine learning where it solves the optimization issues layer-wise by looking at the deep structure. On the other hand, pattern matching is another considerable method for intrusion detection due to its variety of applications. However, pattern matching methods are consuming more than 70% of the total running time and cause overhead. In this paper, we propose two methods including Deep Learning-based Feature Extraction (DLFE) and Optimization of Pattern Matching (OPM) for NIDPS systems to optimize the pattern matching engine in intrusion detection. The experiments are performed by using the Snort ruleset for pattern matching and obtained the results. The experiment results show the better performance of proposed methods in terms of time, throughput, and memory.
KW - Attacks
KW - Deep learning
KW - Detection
KW - Intrusion detection
KW - Machine learning
KW - Pattern matching
UR - http://www.scopus.com/inward/record.url?scp=85103093636&partnerID=8YFLogxK
U2 - 10.1016/j.compeleceng.2021.107094
DO - 10.1016/j.compeleceng.2021.107094
M3 - Article
AN - SCOPUS:85103093636
SN - 0045-7906
VL - 92
JO - Computers and Electrical Engineering
JF - Computers and Electrical Engineering
M1 - 107094
ER -