A Design of Network Attack Detection Using Causal and Non-causal Temporal Convolutional Network

Pengju He; Haibo Zhang; Yaokai Feng; Kouichi Sakurai

doi:10.1007/978-3-031-45933-7_30

A Design of Network Attack Detection Using Causal and Non-causal Temporal Convolutional Network

Pengju He, Haibo Zhang, Yaokai Feng, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

Temporal Convolution Network(TCN) has recently been introduced in the cybersecurity field, where two types of TCNs that consider causal relationships are used: causal TCN and non-causal TCN. Previous researchers have utilized causal and non-causal TCNs separately. Causal TCN can predict real-time outcomes, but it ignores traffic data from the time when the detection is activated. Non-causal TCNs can forecast results more globally, but they are less real-time. Employing either causal TCN or non-causal TCN individually has its drawbacks, and overcoming these shortcomings has become an important topic. In this research, we propose a method that combines causal and non-causal TCN in a contingent form to improve detection accuracy, maintain real-time performance, and prevent long detection time. Additionally, we use two datasets to evaluate the performance of the proposed method: NSL-KDD, a well-known dataset for evaluating network intrusion detection systems, and MQTT-IoT-2020, which simulates the MQTT protocol, a standard protocol for IoT machine-to-machine communication. The proposed method in this research increased the detection time by about 0.1ms compared to non-causal TCN when using NSL-KDD, but the accuracy improved by about 1.5%, and the recall improved by about 4%. For MQTT-IoT-2020, the accuracy improved by about 3%, and the recall improved by about 7% compared to causal TCN, but the accuracy decreased by about 1% compared to non-causal TCN. The required time was shortened by 30ms (around 30%), and the recall was improved by about 7%.

Original language	English
Title of host publication	Science of Cyber Security - 5th International Conference, SciSec 2023, Proceedings
Editors	Moti Yung, Chao Chen, Weizhi Meng
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	513-523
Number of pages	11
ISBN (Print)	9783031459320
DOIs	https://doi.org/10.1007/978-3-031-45933-7_30
Publication status	Published - 2023
Event	5th International Conference on Science of Cyber Security, SciSec 2023 - Melbourne, Australia Duration: Jul 11 2023 → Jul 14 2023

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	14299 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	5th International Conference on Science of Cyber Security, SciSec 2023
Country/Territory	Australia
City	Melbourne
Period	7/11/23 → 7/14/23

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-031-45933-7_30

Cite this

He, P., Zhang, H., Feng, Y., & Sakurai, K. (2023). A Design of Network Attack Detection Using Causal and Non-causal Temporal Convolutional Network. In M. Yung, C. Chen, & W. Meng (Eds.), Science of Cyber Security - 5th International Conference, SciSec 2023, Proceedings (pp. 513-523). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 14299 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-45933-7_30

A Design of Network Attack Detection Using Causal and Non-causal Temporal Convolutional Network. / He, Pengju; Zhang, Haibo; Feng, Yaokai et al.
Science of Cyber Security - 5th International Conference, SciSec 2023, Proceedings. ed. / Moti Yung; Chao Chen; Weizhi Meng. Springer Science and Business Media Deutschland GmbH, 2023. p. 513-523 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 14299 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

He, P, Zhang, H, Feng, Y & Sakurai, K 2023, A Design of Network Attack Detection Using Causal and Non-causal Temporal Convolutional Network. in M Yung, C Chen & W Meng (eds), Science of Cyber Security - 5th International Conference, SciSec 2023, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 14299 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 513-523, 5th International Conference on Science of Cyber Security, SciSec 2023, Melbourne, Australia, 7/11/23. https://doi.org/10.1007/978-3-031-45933-7_30

He P, Zhang H, Feng Y , Sakurai K. A Design of Network Attack Detection Using Causal and Non-causal Temporal Convolutional Network. In Yung M, Chen C, Meng W, editors, Science of Cyber Security - 5th International Conference, SciSec 2023, Proceedings. Springer Science and Business Media Deutschland GmbH. 2023. p. 513-523. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-031-45933-7_30

He, Pengju ; Zhang, Haibo ; Feng, Yaokai et al. / A Design of Network Attack Detection Using Causal and Non-causal Temporal Convolutional Network. Science of Cyber Security - 5th International Conference, SciSec 2023, Proceedings. editor / Moti Yung ; Chao Chen ; Weizhi Meng. Springer Science and Business Media Deutschland GmbH, 2023. pp. 513-523 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{f1d05fd2fda84e3b9044e64926ae5cad,

title = "A Design of Network Attack Detection Using Causal and Non-causal Temporal Convolutional Network",

abstract = "Temporal Convolution Network(TCN) has recently been introduced in the cybersecurity field, where two types of TCNs that consider causal relationships are used: causal TCN and non-causal TCN. Previous researchers have utilized causal and non-causal TCNs separately. Causal TCN can predict real-time outcomes, but it ignores traffic data from the time when the detection is activated. Non-causal TCNs can forecast results more globally, but they are less real-time. Employing either causal TCN or non-causal TCN individually has its drawbacks, and overcoming these shortcomings has become an important topic. In this research, we propose a method that combines causal and non-causal TCN in a contingent form to improve detection accuracy, maintain real-time performance, and prevent long detection time. Additionally, we use two datasets to evaluate the performance of the proposed method: NSL-KDD, a well-known dataset for evaluating network intrusion detection systems, and MQTT-IoT-2020, which simulates the MQTT protocol, a standard protocol for IoT machine-to-machine communication. The proposed method in this research increased the detection time by about 0.1ms compared to non-causal TCN when using NSL-KDD, but the accuracy improved by about 1.5%, and the recall improved by about 4%. For MQTT-IoT-2020, the accuracy improved by about 3%, and the recall improved by about 7% compared to causal TCN, but the accuracy decreased by about 1% compared to non-causal TCN. The required time was shortened by 30ms (around 30%), and the recall was improved by about 7%.",

author = "Pengju He and Haibo Zhang and Yaokai Feng and Kouichi Sakurai",

note = "Publisher Copyright: {\textcopyright} 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.; 5th International Conference on Science of Cyber Security, SciSec 2023 ; Conference date: 11-07-2023 Through 14-07-2023",

year = "2023",

doi = "10.1007/978-3-031-45933-7_30",

language = "English",

isbn = "9783031459320",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "513--523",

editor = "Moti Yung and Chao Chen and Weizhi Meng",

booktitle = "Science of Cyber Security - 5th International Conference, SciSec 2023, Proceedings",

address = "Germany",

}

TY - GEN

T1 - A Design of Network Attack Detection Using Causal and Non-causal Temporal Convolutional Network

AU - He, Pengju

AU - Zhang, Haibo

AU - Feng, Yaokai

AU - Sakurai, Kouichi

PY - 2023

Y1 - 2023

N2 - Temporal Convolution Network(TCN) has recently been introduced in the cybersecurity field, where two types of TCNs that consider causal relationships are used: causal TCN and non-causal TCN. Previous researchers have utilized causal and non-causal TCNs separately. Causal TCN can predict real-time outcomes, but it ignores traffic data from the time when the detection is activated. Non-causal TCNs can forecast results more globally, but they are less real-time. Employing either causal TCN or non-causal TCN individually has its drawbacks, and overcoming these shortcomings has become an important topic. In this research, we propose a method that combines causal and non-causal TCN in a contingent form to improve detection accuracy, maintain real-time performance, and prevent long detection time. Additionally, we use two datasets to evaluate the performance of the proposed method: NSL-KDD, a well-known dataset for evaluating network intrusion detection systems, and MQTT-IoT-2020, which simulates the MQTT protocol, a standard protocol for IoT machine-to-machine communication. The proposed method in this research increased the detection time by about 0.1ms compared to non-causal TCN when using NSL-KDD, but the accuracy improved by about 1.5%, and the recall improved by about 4%. For MQTT-IoT-2020, the accuracy improved by about 3%, and the recall improved by about 7% compared to causal TCN, but the accuracy decreased by about 1% compared to non-causal TCN. The required time was shortened by 30ms (around 30%), and the recall was improved by about 7%.

AB - Temporal Convolution Network(TCN) has recently been introduced in the cybersecurity field, where two types of TCNs that consider causal relationships are used: causal TCN and non-causal TCN. Previous researchers have utilized causal and non-causal TCNs separately. Causal TCN can predict real-time outcomes, but it ignores traffic data from the time when the detection is activated. Non-causal TCNs can forecast results more globally, but they are less real-time. Employing either causal TCN or non-causal TCN individually has its drawbacks, and overcoming these shortcomings has become an important topic. In this research, we propose a method that combines causal and non-causal TCN in a contingent form to improve detection accuracy, maintain real-time performance, and prevent long detection time. Additionally, we use two datasets to evaluate the performance of the proposed method: NSL-KDD, a well-known dataset for evaluating network intrusion detection systems, and MQTT-IoT-2020, which simulates the MQTT protocol, a standard protocol for IoT machine-to-machine communication. The proposed method in this research increased the detection time by about 0.1ms compared to non-causal TCN when using NSL-KDD, but the accuracy improved by about 1.5%, and the recall improved by about 4%. For MQTT-IoT-2020, the accuracy improved by about 3%, and the recall improved by about 7% compared to causal TCN, but the accuracy decreased by about 1% compared to non-causal TCN. The required time was shortened by 30ms (around 30%), and the recall was improved by about 7%.

UR - http://www.scopus.com/inward/record.url?scp=85178520287&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85178520287&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-45933-7_30

DO - 10.1007/978-3-031-45933-7_30

M3 - Conference contribution

AN - SCOPUS:85178520287

SN - 9783031459320

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 513

EP - 523

BT - Science of Cyber Security - 5th International Conference, SciSec 2023, Proceedings

A2 - Yung, Moti

A2 - Chen, Chao

A2 - Meng, Weizhi

PB - Springer Science and Business Media Deutschland GmbH

T2 - 5th International Conference on Science of Cyber Security, SciSec 2023

Y2 - 11 July 2023 through 14 July 2023

ER -