Implementation of CNN-MLP and CNN-LSTM for MitM Attack Detection System

Keywords: MitM, Kitsune Network Attack Dataset, CNN-MLP, CNN-LSTM

Abstract

Man in the Middle (MitM) is one of the attack techniques conducted for eavesdropping on data transitions or conversations between users in some systems secretly. It has a sizeable impact because it could make the attackers will do another attack, such as website or system deface or phishing. Deep Learning could be able to predict various data well. Hence, in this study, we would like to present the approach to detect MitM attacks and process its data, by implementing hybrid deep learning methods. We used 2 (two) combinations of the Deep Learning methods, which are CNN-MLP and CNN-LSTM. We also used various Feature Scaling methods before building the model and will determine the better hybrid deep learning methods for detecting MitM attack, as well as the feature selection methods that could generate the highest accuracy. Kitsune Network Attack Dataset (ARP MitM Ettercap) is the dataset used in this study. The results prove that CNN-MLP has better results than CNN-LSTM on average, which has the accuracy rate respectively at 99.74%, 99.67%, and 99.57%, and using Standard Scaler has the highest accuracy (99.74%) among other scenarios.

 

Downloads

Download data is not yet available.

References

A. Mallik, A. Ahsan, M. M. Z. Shahadat, and J. C. Tsou, “Man-in-the-middle-attack: Understanding in simple words,” International Journal of Data and Network Science, vol. 3, no. 2, pp. 77–92, 2019, doi: 10.5267/j.ijdns.2019.1.001.

C. Singleton et al., “X-Force Threat Intelligence Index 2022,” 2022. [Online]. Available: https://www.ibm.com/downloads/cas/ADLMYLAZ

Z. Ahmad, A. Shahid Khan, C. Wai Shiang, J. Abdullah, and F. Ahmad, “Network intrusion detection system: A systematic study of machine learning and deep learning approaches,” Transactions on Emerging Telecommunications Technologies, vol. 32, no. 1, Jan. 2021, doi: 10.1002/ett.4150.

B. Neyole Misiko Jacob, M. Yusuf Wanjala, N. Misiko Jacob α, and M. Yusuf Wanjala σ, “A Review of Intrusion Detection Systems,” C, 2017. [Online]. Available: https://globaljournals.org/GJCST_Volume17/3-A-Review-of-Intrusion-Detection.pdf

B. Huy, N. Q. Truong, N. Q. Khiem, K. P. Poudel, and H. Temesgen, “Deep learning models for improved reliability of tree aboveground biomass prediction in the tropical evergreen broadleaf forests,” Forest Ecology and Management, vol. 508, Mar. 2022, doi: 10.1016/j.foreco.2022.120031.

L. Alzubaidi et al., “Review of deep learning: concepts, CNN architectures, challenges, applications, future directions,” Journal of Big Data, vol. 8, no. 1, Dec. 2021, doi: 10.1186/s40537-021-00444-8.

K. Özkan, Ş. Işik, and Y. Kartal, “Evaluation of convolutional neural network features for malware detection,” in 6th International Symposium on Digital Forensic and Security, ISDFS 2018 - Proceeding, May 2018, vol. 2018-January, pp. 1–4. doi: 10.1109/ISDFS.2018.8355390.

F. de Almeida Florencio, E. D. Moreno, H. T. MacEdo, R. J. P. de Britto Salgueiro, F. B. do Nascimento, and F. A. O. Santos, “Intrusion detection via MLP neural network using an arduino embedded system,” in Brazilian Symposium on Computing System Engineering, SBESC, Jul. 2018, vol. 2018-November, pp. 190–195. doi: 10.1109/SBESC.2018.00036.

A. Boukhalfa, A. Abdellaoui, N. Hmina, and H. Chaoui, “LSTM deep learning method for network intrusion detection system,” International Journal of Electrical and Computer Engineering, vol. 10, no. 3, pp. 3315–3322, 2020, doi: 10.11591/ijece.v10i3.pp3315-3322.

R. A. Sowah, K. B. Ofori-Amanfo, G. A. Mills, and K. M. Koumadi, “Detection and prevention of man-in-the-middle spoofing attacks in MANETs using predictive techniques in Artificial Neural Networks (ANN),” Journal of Computer Networks and Communications, vol. 2019, 2019, doi: 10.1155/2019/4683982.

T. Lu, Y. Du, L. Ouyang, Q. Chen, and X. Wang, “Android malware detection based on a hybrid deep learning model,” Security and Communication Networks, vol. 2020, 2020, doi: 10.1155/2020/8863617.

P. Shettar, A. v. Kachavimath, M. M. Mulla, G. N. D. D. Narayan, and G. Hanchinmani, “Intrusion Detection System using MLP and Chaotic Neural Networks,” in 2021 International Conference on Computer Communication and Informatics, ICCCI 2021, Jan. 2021, vol. 2021-January. doi: 10.1109/ICCCI50826.2021.9457024.

Y. Mirsky, T. Doitshman, Y. Elovici, and A. Shabtai, “Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection,” Feb. 2018. doi: 10.14722/ndss.2018.23204.

Y. Mirsky, T. Doitshman, Y. Elovici, and A. Shabtai, “Kitsune Network Attack Dataset Data Set,” Oct. 16, 2019. https://archive.ics.uci.edu/ml/datasets/Kitsune+Network+Attack+Dataset

D. S. Prashanth, R. V. K. Mehta, and N. Sharma, “Classification of Handwritten Devanagari Number - An analysis of Pattern Recognition Tool using Neural Network and CNN,” Procedia Computer Science, vol. 167, no. 2019, pp. 2445–2457, 2020, doi: 10.1016/j.procs.2020.03.297.

T. Acharya, I. Khatri, A. Annamalai, and M. F. Chouikha, “Efficacy of Heterogeneous Ensemble Assisted Machine Learning Model for Binary and Multi-Class Network Intrusion Detection,” 2021 IEEE International Conference on Automatic Control and Intelligent Systems, I2CACIS 2021 - Proceedings, no. June, pp. 408–413, 2021, doi: 10.1109/I2CACIS52118.2021.9495864.

M. A. Umar and C. Zhanfang, “Effects of Feature Selection and Normalization on Network Intrusion Detection,” pp. 1–25, 2020, doi: 10.36227/techrxiv.12480425.

X. Wan, “Influence of feature scaling on convergence of gradient iterative algorithm,” in Journal of Physics: Conference Series, Jun. 2019, vol. 1213, no. 3. doi: 10.1088/1742-6596/1213/3/032021.

V. N. G. Raju, K. P. Lakshmi, V. M. Jain, A. Kalidindi, and V. Padma, “Study the Influence of Normalization/Transformation process on the Accuracy of Supervised Classification,” in Proceedings of the 3rd International Conference on Smart Systems and Inventive Technology, ICSSIT 2020, Aug. 2020, pp. 729–735. doi: 10.1109/ICSSIT48917.2020.9214160.

K. Potdar, T. S., and C. D., “A Comparative Study of Categorical Variable Encoding Techniques for Neural Network Classifiers,” International Journal of Computer Applications, vol. 175, no. 4, pp. 7–9, Oct. 2017, doi: 10.5120/ijca2017915495.

R. Yamashita, M. Nishio, R. K. G. Do, and K. Togashi, “Convolutional neural networks: an overview and application in radiology,” Insights into Imaging, vol. 9, no. 4. Springer Verlag, pp. 611–629, Aug. 01, 2018. doi: 10.1007/s13244-018-0639-9.

M. H. N. Solhdar, M. J. Solahdar, and S. Eskandari, “An intrusion detection system with a parallel multi-layer neural network,” Journal of Mathematical Modeling, vol. 9, no. 3, pp. 437–450, 2021, doi: 10.22124/jmm.2021.17362.1502.

S. Abdullah, M. Ismail, and Ahmed, “Multi-Layer Perceptron Model for Air Quality Prediction,” 2019. [Online]. Available: https://einspem.upm.edu.my/journal/fullpaper/vol13sdecember/8.pdf

T. D. Pham, “Time–frequency time–space LSTM for robust classification of physiological signals,” Scientific Reports, vol. 11, no. 1, Dec. 2021, doi: 10.1038/s41598-021-86432-7.

J. Alikhanov, W. Kim, M. Azizjon, and A. Jumabek, “1D CNN based network intrusion detection with normalization on imbalanced data,” 2020. [Online]. Available: https://ieeexplore.ieee.org/document/9064976

N. Sabri, “A Comparison between Average and Max-Pooling in Convolutional Neural Network for Scoliosis Classification,” International Journal of Advanced Trends in Computer Science and Engineering, vol. 9, no. 1.4, pp. 689–696, Sep. 2020, doi: 10.30534/ijatcse/2020/9791.42020.

J. Yang and G. Yang, “Modified convolutional neural network based on dropout and the stochastic gradient descent optimizer,” Algorithms, vol. 11, no. 3, pp. 1–15, Mar. 2018, doi: 10.3390/a11030028.

A. M. Javid, S. Das, M. Skoglund, and S. Chatterjee, “A ReLU Dense Layer to Improve the Performance of Neural Networks,” Oct. 2020, [Online]. Available: http://arxiv.org/abs/2010.13572

E. Jeczmionek and P. A. Kowalski, “Flattening layer pruning in convolutional neural networks,” Symmetry (Basel), vol. 13, no. 7, Jul. 2021, doi: 10.3390/sym13071147.

H. Pratiwi et al., “Sigmoid Activation Function in Selecting the Best Model of Artificial Neural Networks,” in Journal of Physics: Conference Series, Mar. 2020, vol. 1471, no. 1. doi: 10.1088/1742-6596/1471/1/012010.

J. F. Pimentel, L. Murta, V. Braganholo, and J. Freire, “Understanding and improving the quality and reproducibility of Jupyter notebooks,” Empirical Software Engineering, vol. 26, no. 4, 2021, doi: 10.1007/s10664-021-09961-9.

S. P. Pillai, T. Radha Ramanan, and S. D. Madhu Kumar, “Evaluating deep learning paradigms with TensorFlow and Keras for software effort estimation,” International Journal of Scientific and Technology Research, vol. 9, no. 4, pp. 2753–2761, 2020, [Online]. Available: http://www.ijstr.org/final-print/apr2020/Evaluating-Deep-Learning-Paradigms-With-Tensorflow-And-Keras-For-Software-Effort-Estimation.pdf

H. Zhang, L. Zhang, and Y. Jiang, “Overfitting and Underfitting Analysis for Deep Learning Based End-to-end Communication Systems,” 2019. [Online]. Available: https://ieeexplore.ieee.org/abstract/document/8927876

Q. R. S. Fitni and K. Ramli, “Implementation of Ensemble Learning and Feature Selection for Performance Improvements in Anomaly-Based Intrusion Detection Systems,” in The 2020 IEEE International Conference on Industry 4.0, Artificial Intelligence, and Communications Technology (IAICT), 2020, pp. 118–124. [Online]. Available: https://ieeexplore.ieee.org/document/9172014

Published
2022-06-30
How to Cite
Satyanegara, H. H., & Ramli, K. (2022). Implementation of CNN-MLP and CNN-LSTM for MitM Attack Detection System. Jurnal RESTI (Rekayasa Sistem Dan Teknologi Informasi), 6(3), 387 - 396. https://doi.org/10.29207/resti.v6i3.4035
Section
Artikel Teknologi Informasi