IDEAS home Printed from https://ideas.repec.org/a/igg/jisp00/v16y2022i1p1-32.html
   My bibliography  Save this article

Application of Representation Learning-Based Chronological Modeling for Network Intrusion Detection

Author

Listed:
  • Nitin O. Mathur

    (University of Cincinnati, USA)

  • Chengcheng Li

    (University of Cincinnati, USA)

  • Bilal Gonen

    (University of Cincinnati, USA)

  • Kijung Lee

    (University of Cincinnati, USA)

Abstract

An autoencoder has the potential to overcome the limitations of current intrusion detection methods by recognizing benign user activity rather than differentiating between benign and malicious activity. However, the line separating them is quite blurry with a significant overlap. The first part of this study aims to investigate the rationale behind this overlap. The results suggest that although a subset of traffic cannot be separated without labels, timestamps have the potential to be leveraged for identification of activity that does not conform to the normal or expected behavior of the network. The second part aims to eliminate dependence on visual-inspections by exploring automation. The trend of errors for HTTP traffic was modeled chronologically using resampled data and moving averages. This model successfully identified attacks that had orchestrated over HTTP within their respective time slots. These results support the hypothesis that it is technically feasible to build an anomaly-based intrusion detection system where each individual observation need not be categorized.

Suggested Citation

  • Nitin O. Mathur & Chengcheng Li & Bilal Gonen & Kijung Lee, 2022. "Application of Representation Learning-Based Chronological Modeling for Network Intrusion Detection," International Journal of Information Security and Privacy (IJISP), IGI Global, vol. 16(1), pages 1-32, January.
  • Handle: RePEc:igg:jisp00:v:16:y:2022:i:1:p:1-32
    as

    Download full text from publisher

    File URL: http://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/IJISP.291701
    Download Restriction: no
    ---><---

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:igg:jisp00:v:16:y:2022:i:1:p:1-32. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Journal Editor (email available below). General contact details of provider: https://www.igi-global.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.