A Feed-Forward and Pattern Recognition ANN Model for Network Intrusion Detection

Full Text (PDF, 353KB), PP.19-25

Views: 0 Downloads: 0


Ahmed Iqbal 1,* Shabib Aftab 1

1. Department of Computer Science, Virtual University of Pakistan

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2019.04.03

Received: 10 Feb. 2019 / Revised: 17 Feb. 2019 / Accepted: 24 Feb. 2019 / Published: 8 Apr. 2019

Index Terms

Intrusion detection, Security, Anomaly detection, Intrusion Detection System, NSL-KDD, Neural Networks


Network security is an essential element in the day-to-day IT operations of nearly every organization in business. Securing a computer network means considering the threats and vulnerabilities and arrange the countermeasures. Network security threats are increasing rapidly and making wireless network and internet services unreliable and insecure. Intrusion Detection System plays a protective role in shielding a network from potential intrusions. In this research paper, Feed Forward Neural Network and Pattern Recognition Neural Network are designed and tested for the detection of various attacks by using modified KDD Cup99 dataset. In our proposed models, Bayesian Regularization and Scaled Conjugate Gradient, training functions are used to train the Artificial Neural Networks. Various performance measures such as Accuracy, MCC, R-squared, MSE, DR, FAR and AROC are used to evaluate the performance of proposed Neural Network Models. The results have shown that both the models have outperformed each other in different performance measures on different attack detections.

Cite This Paper

Ahmed Iqbal, Shabib Aftab, "A Feed-Forward and Pattern Recognition ANN Model for Network Intrusion Detection", International Journal of Computer Network and Information Security(IJCNIS), Vol.11, No.4, pp.19-25, 2019. DOI:10.5815/ijcnis.2019.04.03


[1]R. Tewatia, A. Mishra, “Introduction to Intrusion Detection System: Review,” Int. J. Sci. Technol. Res., vol. 4, no. 05, MAY 2015.
[2]S. Mukkamala, G. Janoski, A. Sung, “Intrusion Detection: Support Vector Machines and Neural Networks,” IEEE Xplore, 2002.
[3]R. Beghdad, “Efficient deterministic method for detecting new U2R attacks,” Comput. Commun., vol. 32, no. 6, pp. 1104–1110, 2009.
[4]M. Sazzadul Hoque, “An Implementation of Intrusion Detection System Using Genetic Algorithm,” Int. J. Netw. Secur. Its Appl., vol. 4, no. 2, pp. 109–120, 2012.
[5]J. McHugh, “Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory,” ACM Trans. Inf. Syst. Secur., vol. 3, no. 4, pp. 262–294, 2000.
[6]M. Ahmad, S. Aftab, and I. Ali, “Sentiment Analysis of Tweets using SVM,” Int. J. Comput. Appl., vol. 177, no. 5, pp. 25–29, 2017.
[7]M. Ahmad, S. Aftab, I. Ali, and N. Hameed, “Hybrid Tools and Techniques for Sentiment Analysis: A Review,” Int. J. Multidiscip. Sci. Eng., vol. 8, no. 3, 2017
[8]M. Ahmad and S. Aftab, “Analyzing the Performance of SVM for Polarity Detection with Different Datasets,” Int. J. Mod. Educ. Comput. Sci., vol. 9, no. 10, pp. 29–36, 2017.
[9]M. Ahmad, S. Aftab, M. Salman, N. Hameed, I. Ali, and Z. Nawaz, “SVM Optimization for Sentiment Analysis,” Int. J. Adv. Comput. Sci. Appl., vol. 9, no. 4, 2018.
[10]M. Ahmad, S. Aftab, and S. S. Muhammad, “Machine Learning Techniques for Sentiment Analysis: A Review,” Int. J. Multidiscip. Sci. Eng., vol. 8, no. 3, p. 27, 2017.
[11]M. Ahmad, S. Aftab, M. Salman, and N. Hameed, “Sentiment Analysis using SVM: A Systematic Literature Review,” Int. J. Adv. Comput. Sci. Appl., vol. 9, no. 2, 2018.
[12]S. Aftab, M. Ahmad, N. Hameed, M. Salman, I. Ali, and Z. Nawaz, “Rainfall Prediction in Lahore City using Data Mining Techniques,” Int. J. Adv. Comput. Sci. Appl., vol. 9, no. 4, 2018.
[13]S. Aftab, M. Ahmad, N. Hameed, M. Salman, I. Ali, and Z. Nawaz, “Rainfall Prediction using Data Mining Techniques: A Systematic Literature Review,” Int. J. Adv. Comput. Sci. Appl., vol. 9, no. 5, 2018.
[14]M. A. Ambusaidi, X. He, P. Nanda, and Z. Tan, “Building an intrusion detection system using a filter-based feature selection algorithm,” IEEE Trans. Comput., vol. 65, no. 10, pp. 2986–2998, 2016.
[15]Z. Tan et al., “Enhancing big data security with collaborative intrusion detection,” IEEE Cloud Comput., vol. 1, no. 3, pp. 27–33, 2014.
[16]O. Y. Al-Jarrah, O. Alhussein, P. D. Yoo, S. Muhaidat, K. Taha, and K. Kim, “Data Randomization and Cluster-Based Partitioning for Botnet Intrusion Detection,” IEEE Trans. Cybern., vol. 46, no. 8, pp. 1796–1806, 2016.
[17]N. Marchang, R. Datta, and S. K. Das, “A novel approach for efficient usage of intrusion detection system in mobile Ad Hoc networks,” IEEE Trans. Veh. Technol., vol. 66, no. 2, pp. 1684–1695, 2017.
[18]Y. Yang, H. Q. Xu, L. Gao, Y. B. Yuan, K. McLaughlin, and S. Sezer, “Multidimensional Intrusion Detection System for IEC 61850-Based SCADA Networks,” IEEE Trans. Power Deliv., vol. 32, no. 2, pp. 1068–1078, 2017.
[19]T. Ha, S. Yoon, A. C. Risdianto, J. W. Kim, and H. Lim, “Suspicious flow forwarding for multiple intrusion detection systems on software-defined networks,” IEEE Netw., vol. 30, no. 6, pp. 22–27, 2016.
[20]X. Z. and X. W. Liqun Liu, Bing Xu2*, “An intrusion detection method for internet of things based on suppressed fuzzy clustering,” J. Wirel. Commun. Netw., 2018.
[21]S. M. Othman, F. M. Ba-Alwi, N. T. Alsohybe, and A. Y. Al-Hashida, “Intrusion detection model using machine learning algorithm on Big Data environment,” J. Big Data, vol. 5, no. 1, 2018.
[22]S. Aljawarneh, M. Aldwairi, and M. B. Yassein, “Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model,” J. Comput. Sci., vol. 25, pp. 152–160, 2018.
[23]“KDD Cup 1999 Data.” [Online]. Available: http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html. [Accessed: 19-Jan-2019].
[24]T. Mahjabin, Y. Xiao, G. Sun, and W. Jiang, “A survey of distributed denial-of-service attack, prevention, and mitigation techniques,” Int. J. Distrib. Sens. Networks, vol. 13, no. 12, 2017.
[25]M. S. Galina Mikhaylova, “The ‘Anonymous’ Movement: Hacktivism as an Emerging Form of Political Participation,” Graduate Council of Texas State University, 2014.
[26]S. Paliwal and R. Gupta, “Denial-of-Service, Probing & Remote to User (R2L) Attack Detection using Genetic Algorithm,” Int. J. Comput. Appl., vol. 60, no. 19, pp. 975–8887, 2012.
[27]M. Sabhnani and G. Serpen, “KDD feature set complaint heuristic rules for R2L attack detection,” Proc. Int. Conf. Secur. Manag., vol. 1, pp. 310–316, 2003.
[28]F. Mozneb and A. Farzan, “The Use of Intelligent Algorithms to Detect Attacks In,” vol. 3, no. 9, pp. 579–584, 2014.
[29]V. Sze, Y. Chen, T. Yang, and J. Emer, “Efficient processing of deep neural networks: A tutorial and survey”, Mar. 2017.
[30]O. I. Abiodun, A. Jantan, A. E. Omolara, K. V. Dada, N. A. E. Mohamed, and H. Arshad, “State-of-the-art in artificial neural network applications: A survey,” Heliyon, vol. 4, no. 11. Elsevier Ltd, p. e00938, 2018.
[31]M. S. Piotr Gaj, Andrzej KwiecieĊ„, Computer Networks: 24th International Conference, CN 2017, L?dek Zdrój, Poland, June 20–23, 2017, Proceedings. Springer, 2017.
[32]A.K. Jain, J. Mao, and K.M. Mohiuddin, aArtificial Neural Networks: A Tutorial,o Computer, pp. 31-44, Mar. 1996.
[33]K. Gopalakrishnan, “Effect of training algorithms on neural networks aided pavement diagnosis,” Int. J. Eng. Sci. …, vol. 2, no. 2, pp. 83–92, 2010.
[34]M. Fodslette M?ller, “A scaled conjugate gradient algorithm for fast supervised learning,” Neural Networks, vol. 6, pp. 525–533, 1993.
[35]J. Bourquin, H. Schmidli, P. Van Hoogevest, and H. Leuenberger, “Comparison of artificial neural networks (ANN) with classical modelling techniques using different experimental designs and data from a galenical study on a solid dosage form,” Eur. J. Pharm. Sci., vol. 6, no. 4, pp. 287–300, 1998.
[36]K. Das, J. Jiang, and J. N. K. Rao, “Mean squared error of empirical predictor,” Ann. Stat., vol. 32, no. 2, pp. 818–840, 2004.
[37]T. Fawcett, “An introduction to ROC analysis,” Pattern Recognit. Lett., vol. 27, no. 8, pp. 861–874, 2006.
[38]M. A. Jabbar, R. Aluvalu, and S. S. Reddy, “RFAODE: A Novel Ensemble Intrusion Detection System,” Procedia Comput. Sci., vol. 115, pp. 226–234, 2017.
[39]S. Boughorbel, F. Jarray, and M. El-Anbari, “Optimal classifier for imbalanced data using Matthews Correlation Coefficient metric,” PLoS One, vol. 12, no. 6, pp. 1–17, 2017.
[40]“NSLKDD-Dataset.” [Online]. Available: https://github.com/InitRoot/NSLKDD-Dataset. [Accessed: 02-April-2019].
[41]“Modified NSLKDD-Dataset.” [Online]. Available: https://github.com/ahmedeqbal/Modified-NSL-KDD-Dataset-1. [Accessed: 02-Apr-2019].