Network Intrusion Detection Using Deep Learning
A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Computer Science & Engineering".
Deadline for manuscript submissions: closed (31 May 2024) | Viewed by 24098
Special Issue Editor
2. Institute for Computing and Information Sciences, Faculty of Science, Radboud University, Nijmegen, The Netherlands
Interests: network security; software security
Special Issue Information
Dear Colleagues,
The design of network intrusion detection systems that are able to handle ever-increasing traffic volumes and new types of intrusions has been a challenging task for decades. In recent years, researchers have achieved impressive results by applying deep-learning models for network intrusion detection, especially with auto-encoders and deep neural networks. Despite this steady progress, we are still facing many challenges related to both the nature of deep-learning models, the evolving types of intrusions, and the availability of realistic datasets.
The key advantage of deep-learning models is that they, by themselves, have a good ability to identify traffic features related to intrusions at several layers of abstraction in large data volumes. However, these deep-learning models are rather complex. Training such complex models requires extensive computing resources. The complexity of these models also restricts their application in real-time intrusion detection. Another challenge is that the internal operation of deep-learning models is rather opaque. Although their operation can be expressed in a (large) set of mathematical equations, it is extremely difficult to reveal and explain the decision rules taken by the models. A better understanding of the internal operation would make it possible to improve the models, for instance, to reduce their complexity or increase their detection accuracy.
The evolving types of intrusions and how they are manifested in network traffic also raises concerns. Network intrusion detection systems should be able to detect new types of intrusions that exploit zero-day vulnerabilities. This is challenging for deep-learning models, which might be overfitted and trained too well, which leads to reduced detection accuracy when the models are applied to traffic with slightly different characteristics. In the future, self-adaptable models that learn and adapt to changes in traffic characteristics on-the-fly may provide a solution. Additionally, detection systems should be able to detect intrusions that apply evasion techniques such as low-frequency attacks, traffic fragmentation, and obfuscation or encryption of payload data.
A general difficulty for deep-learning models is that they require large and realistic datasets for training. Many publications to date have used old datasets, which raises the question of how well the models would perform with newer datasets that reflect current traffic characteristics. This also hampers the comparison of novel deep-learning models with prior intrusion detection systems. The creation of realistic datasets is a problem in itself, where issues like imbalance, including a realistic mix of intrusions, and the labelling of traffic have to be addressed.
The objective of this Special Issue is to publish high-quality research papers that advance the state-of-the-art by addressing the challenges in network intrusion detection using deep learning as described above. We particularly welcome papers that address the complexity, applicability, adaptability, and explainability of deep-learning models; papers that improve the performance of deep-learning models for detecting evolving types of intrusion; and corresponding datasets.
Dr. Harald Vranken
Guest Editor
Manuscript Submission Information
Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.
Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.
Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.
Keywords
- network intrusion detection
- deep learning
Benefits of Publishing in a Special Issue
- Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
- Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
- Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
- External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
- e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.
Further information on MDPI's Special Issue polices can be found here.