SeNet-I: An Approach for Detecting Network Intrusions Through Serialized Network Traffic Images
Engineering Applications of Artificial Intelligence
The exponential growth of the internet and inter-connectivity has resulted in an extensive increase in network size and the corresponding data, which has led to numerous novel attacks that pose significant challenges to network security. However, conventional network security approaches predominantly rely on the metadata of network traffic, utilized in numeric form, which is becoming ineffective against new attacks that hide within the content of the traffic. Therefore, it raises the need for security systems to adapt to the changing dynamics of network attacks. To address this issue, we propose a new approach called SeNet-I that leverages computer vision capabilities to combine low-level features and develop a more abstract and high-level representation of network traffic without requiring feature engineering. The proposed approach utilizes the raw network traffic information and transforms it into serialized three-channel images, which are employed as input to a proposed deep concatenated convolutional neural network model. Additionally, SeNet-I can easily incorporate packet level information, which is often challenging for conventional approaches due to its high dimensionality. To demonstrate the effectiveness of the proposed approach, we tested SeNet-I on both packet-based and flow-based network traffic, comparing it with current state-of-the-art methods and different image-based approaches. With F1 scores of 96% and 83% achieved in the multi-class classification of flow-based and packet-based network intrusion detection, our proposed approach outperformed other existing methods in the literature. Lastly, we discussed the advantages and limitations of the proposed method.
Cyberesecurity, Network intrusion detection, Machine learning, Serialized image classification, Convolutional neural network
Farrukh, Y., Wali, S., Khan, S. & Bastian, N. (2023). SeNet-I: An Approach for Detecting Network Intrusions Through Serialized Network Traffic Images. Engineering Applications of Artificial Intelligence, 126(107169): 1-16.