Next Article in Journal
Real-Time Detection of Orbital Maneuvers Using Epoch-Differenced Carrier Phase Observations and Broadcast Ephemeris Data: A Case Study of the BDS Dataset
Next Article in Special Issue
Cascaded Cross-Modality Fusion Network for 3D Object Detection
Previous Article in Journal
Optimization Design and Flexible Detection Method of Wall-Climbing Robot System with Multiple Sensors Integration for Magnetic Particle Testing
Previous Article in Special Issue
Intelligent Controller Design by the Artificial Intelligence Methods
Open AccessArticle

A Deep Learning Ensemble for Network Anomaly and Cyber-Attack Detection

Institute of Telecommunications and Computer Science, UTP University of Science and Technology, Kaliskiego 7, 85-976 Bydgoszcz, Poland
*
Author to whom correspondence should be addressed.
Sensors 2020, 20(16), 4583; https://doi.org/10.3390/s20164583
Received: 21 July 2020 / Revised: 12 August 2020 / Accepted: 13 August 2020 / Published: 15 August 2020
Currently, expert systems and applied machine learning algorithms are widely used to automate network intrusion detection. In critical infrastructure applications of communication technologies, the interaction among various industrial control systems and the Internet environment intrinsic to the IoT technology makes them susceptible to cyber-attacks. Given the existence of the enormous network traffic in critical Cyber-Physical Systems (CPSs), traditional methods of machine learning implemented in network anomaly detection are inefficient. Therefore, recently developed machine learning techniques, with the emphasis on deep learning, are finding their successful implementations in the detection and classification of anomalies at both the network and host levels. This paper presents an ensemble method that leverages deep models such as the Deep Neural Network (DNN) and Long Short-Term Memory (LSTM) and a meta-classifier (i.e., logistic regression) following the principle of stacked generalization. To enhance the capabilities of the proposed approach, the method utilizes a two-step process for the apprehension of network anomalies. In the first stage, data pre-processing, a Deep Sparse AutoEncoder (DSAE) is employed for the feature engineering problem. In the second phase, a stacking ensemble learning approach is utilized for classification. The efficiency of the method disclosed in this work is tested on heterogeneous datasets, including data gathered in the IoT environment, namely IoT-23, LITNET-2020, and NetML-2020. The results of the evaluation of the proposed approach are discussed. Statistical significance is tested and compared to the state-of-the-art approaches in network anomaly detection. View Full-Text
Keywords: anomaly detection; cyber-attacks; data pre-processing; deep learning; feature engineering; machine learning; network intrusion anomaly detection; cyber-attacks; data pre-processing; deep learning; feature engineering; machine learning; network intrusion
Show Figures

Figure 1

MDPI and ACS Style

Dutta, V.; Choraś, M.; Pawlicki, M.; Kozik, R. A Deep Learning Ensemble for Network Anomaly and Cyber-Attack Detection. Sensors 2020, 20, 4583. https://doi.org/10.3390/s20164583

AMA Style

Dutta V, Choraś M, Pawlicki M, Kozik R. A Deep Learning Ensemble for Network Anomaly and Cyber-Attack Detection. Sensors. 2020; 20(16):4583. https://doi.org/10.3390/s20164583

Chicago/Turabian Style

Dutta, Vibekananda; Choraś, Michał; Pawlicki, Marek; Kozik, Rafał. 2020. "A Deep Learning Ensemble for Network Anomaly and Cyber-Attack Detection" Sensors 20, no. 16: 4583. https://doi.org/10.3390/s20164583

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop