Received May 25, 2018, accepted July 18, 2018, date of publication July 23, 2018, date of current

version August 15, 2018.

Digital Object Identifier 10.1109/ACCESS.2018.2858277

Effective Feature Extraction via Stacked

Sparse Autoencoder to Improve
Intrusion Detection System
BINGHAO YAN AND GUODONG HAN
National Digital Switching System Engineering & Technology Research Center, Zhengzhou 450001, China
Corresponding author: Binghao Yan ([email protected])
This work was supported in part by the National Science Technology Major Project of China under Grant 2016ZX01012101, in part by the
National Natural Science Foundation Project of China under Grant 61572520, and in part by the National Natural Science Foundation
Innovation Group Project of China under Grant 61521003.

ABSTRACT Classification features are crucial for an intrusion detection system (IDS), and the detection
performance of IDS will change dramatically when providing different input features. Moreover, the large
number of network traffic and their high-dimensional features will result in a very lengthy classification
process. Recently, there is an increasing interest in the application of deep learning approaches for classifi-
cation and learn feature representations. So, in this paper, we propose using the stacked sparse autoencoder
(SSAE), an instance of a deep learning strategy, to extract high-level feature representations of intrusive
behavior information. The original classification features are introduced into SSAE to learn the deep sparse
features automatically for the first time. Then, the low-dimensional sparse features are used to build different
basic classifiers. We compare SSAE with other feature extraction methods proposed by previous researchers.
The experimental results both in binary classification and multiclass classification indicate the following:
1) the high-dimensional sparse features learned by SSAE are more discriminative for intrusion behaviors
compared to previous methods and 2) the classification process of basic classifiers is significantly accelerated
by using high-dimensional sparse features. In summary, it is shown that the SSAE is a feasible and efficient
feature extraction method and provides a new research method for intrusion detection.

INDEX TERMS Intrusion detection, deep learning, machine learning, SSAE, feature extraction.

I. INTRODUCTION to accurately define the intrusive behavior mode in advance,

With the advent of new Internet technologies such as file
sharing, mobile payment and instant messaging, the situ-
ation of network security is becoming ever more compli-
cated. At the same time, network attackers become more
invisible and attack costs are further reduced, all of which
seriously threaten the network security environment. As an
active defense technology, intrusion detection has gradually
become the key technology to ensure the security of the
network system. Intrusion detection system (IDS) is designed
for network security proactive protection system, which is
based on a certain security strategy to monitor the opera-
tion of the network system and found a variety of intrusion
behavior, attempt or result, and automatically respond to
effectively prevent illegal access or Intrusion. IDS usually
includes misuse detection and anomaly detection two kinds
of processing methods. The misuse detection system needs
and the intrusion behavior is detected if the attacker’s attack
pattern exactly matches the pattern library in the detection
system. Anomaly detection system considers intrusion activ-
ity is unknown, is a subset of abnormal activity. When any
behavior deviates from the normal behavior pattern to a cer-
tain extent, it is considered as an invasion event.
In order to improve the efficiency and performance of
intrusion detection systems, in recent years, scholars have
used machine learning methods in the construction of net-
work intrusion detection systems and achieved breakthroughs
progress [1]. However, most machine learning algorithms can
only achieve satisfactory results in small sample datasets.
When these algorithms are actually used in large-scale intru-
sion detection systems, they usually face the limitations of
time complexity and space complexity. The essential reason
is attributable to the input data in feature space with high

2169-3536 2018 IEEE. Translations and content mining are permitted for academic research only.
41238 Personal use is also permitted, but republication/redistribution requires IEEE permission. VOLUME 6, 2018
See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
B. Yan, G. Han: Effective Feature Extraction via SSAE to Improve IDS
dimensional and nonlinear characteristics. Therefore, it is an
indispensable step in the intrusion detection process to pro-
pose or adopt more effective methods to perform dimension
reduction on high-dimensional data.
In 2006, Hinton, a professor at the University of Toronto in
Canada, published an article on deep learning in Science [2],
setting off a wave of research on big data and artificial intel-
ligence. One of the main messages delivered in this article is
that deep artificial neural networks (DANN) with many hid-
den layers have excellent feature-based learning capabilities
and the learned features have a more substantive characteri-
zation of the original data to facilitate visualization or classi-
fication. Moreover, DANN reduce the huge workload in the
process of feature extraction and improve the efficiency of
feature extraction.
Deep learning is a promising solution to the challenge of
intrusion detection because of its outstanding performance in
dealing with complex, large-scale data. So we use the stack
autoencoder (SAE) model based on deep learning theory
to perform unsupervised dimension reduction of intrusion
detection samples in this paper, and then we add sparsity
constraints to the SAE model to improve the generalization
ability and classification accuracy of the model. Compared
with the existing methods, SSAE can not only effectively
compress the feature dimension of the original data and accel-
erate the classification process of the classifier, but also the
feature extraction capability of SSAE is obviously better than
the known methods.
In the following sections, we provide the related work
in terms of network intrusion detection methods related to
machine learning and deep learning (Section II), our deep
learning based approach to feature extraction (Section III),
and our test bed, dataset and experimental preparation process
(Section IV). Section V highlights SSAE with a discussion
about the experimental results and a comparison with a few
previous methods. We present in section VI with a summary
of conclusions and future work.
II. RELEVANT WORK
The initial intrusion detection methods include misuse
detection [3] and anomaly detection [4]. Although these
two detection methods have achieved good results, there are
still inherent flaws, among which misuse detection cannot
determine whether an unknown behavior is safe, abnormal
detection has a disadvantage of high false alarm rate, and the
deactivation of alarms relies heavily on the domainspecialist
knowledge. With the development of artificial intelligence
theory, intrusion detection technology based on machine
learning makes up for the defects of the original methods and
becomes a new research hotspot. In [5], the authors combined
artificial neural network and fuzzy clustering algorithm to
solve the problem of low detection rate of low-frequency
attacks and help IDS achieve higher detection rate, less false
positive rate and stronger stability. Bamakan et al. [6] intro-
duced time-varying chaos particle swarm optimization into
IDS to adaptively select the parameters of support vector
VOLUME 6, 2018
machine (SVM), which has the characteristics of high detec-
tion rate and low false alarm rate. In addition, other represen-
tative machine learning algorithms such as decision trees [7],
Bayesian classification [8], and K-nearest neighbors [9] are
also used in the construction of IDS. Furthermore, in order to
avoid the existence of defects in a single classifier, the ideas
of hybrid classifiers [10], [11] and ensemble classifiers [12]
are also applied in IDS and the efficiency of classification is
generally better than single classifier models.
Although the above methods have strong adaptability and
scalability, researchers believe that while considering the
detection rate and false alarm rate performance, IDS also
needs to meet the requirements of systems for real-time
capability and low power consumption. Ambusaidi et al. [13]
combined flexible mutual information feature selection with
least square SVM, which contributes to lower computa-
tional costs and faster detection speeds. Osanaiye et al. [14]
combined the output of four filter methods into an
ensemble-based multi-filter feature selection method to
achieve an optimum selection and shown encouraging per-
formance in DDOS detection. However, the above-mentioned
feature selection algorithms only sort the manually designed
features according to the difference of the detection targets of
the IDS, and remove the features that are more redundant in
comparison, resulting in the loss of part of the information.
The popularity of deep learning technology has further
promoted the progress of intrusion detection systems. On the
one hand, deep learning algorithms can uncover deeper rela-
tionships between input data, which cannot be achieved with
traditional shallow machine learning algorithms. On the other
hand, deep learning algorithms have more powerful feature
extraction and representation capabilities while retaining data
information as much as possible. The deep learning meth-
ods used in intrusion detection mainly include Deep Con-
volutional Neural Network (DCNN) [15], Recurrent Neural
Network (RNN) [16], Deep Belief Network (DBN) [17] and
their improved models, and the main purpose of these model
is also to improve the detection rate and false alarm rate. Deep
learning models used in intrusion detection rarely focus on
feature extraction. Therefore, in this paper, we use stacked
sparse autoencoder (SSAE) as feature extraction method in
IDS. Compared with previous works, we use the SSAE for
feature extraction rather than for sample anomaly detection.
III. MATHODOLOGY
A. ANTOENCODER
Autoencoder(AE) is an unsupervised three-layer neural net-
work, including an input layer, a hidden layer, and an output
layer (also referred to as reconstruction layer). The typical
structure of AE is shown in Figure 1, and the representation
is shown in Figure 2.
The AE can gradually transform specific feature vectors
into abstract feature vectors, which can well realize the non-
linear transformation from high dimensional data space to
low dimensional data space. The working process of the
41239
 B. Yan, G. Han: Effective Feature Extraction via SSAE to Improve IDS

By adjusting the parameters of the encoder and the decoder,

the error between the output reconstructed data and the orig-
inal data can be minimized, which means that AE recon-
structs the original data through training. We believe that
the data output by the hidden layer units at this time is the
optimal low-dimensional representation of the original data
and includes all the information that exists in the original data.
The reconstruction error function JE (W , ϕ) between H and Y
uses the mean squared-error function as shown in formula 4,
where N is the number of input samples.
N
1 X (r) 2
JE (W , ϕ) = Y − X (r) (4)
2N
r=1

B. SPARSE AUTOENCODER
The idea of sparse coding was originally proposed by
FIGURE 1. The structure of basic Autoencoder. Olshausen [18] to simulate the computational learning of the
receptive fields of simple cells in mammalian primary visual
cortex. Due to the unavoidable problem of the autoencoder,
for example, the input data is transmitted to the output layer
by simple copying. Although the original input data can be
recovered perfectly, the autoencoder does not extract any
meaningful features in this case. Therefore, Ng et al. [19]
used the idea of sparse coding to introduce a sparse penalty
term in the hidden layer of autoencoder, so that the autoen-
FIGURE 2. Autoencoder representation. coder can obtain more concise and efficient low-dimensional
data features under sparse constraints to better express the
automatic encoder can be divided into two stages: encoding input data. Suppose that the average activation of the neurons
and decoding and these two steps can be defined as: N 
in the hidden layer is ρ̂j , ρ̂j = N1
P 
The encoding process from the input layer to the hidden nj (xi ) . We hope that the
i=1
layer: average activation ρ̂j approaches a constant ρ which is close
H = gθ1 (X ) = σ (Wij X + ϕ1 ) (1) to zero.
Therefore, the Kullback–Leibler (KL) divergence is added
The decoding process from the hidden layer to the recon- as a regularization term to the error function of the autoen-
struction layer: coder to achieve the above purpose:
Y = gθ2 (H ) = σ (Wjk H + ϕ2 ) (2) ρ 1−ρ
KL( ρk ρ̂j ) = ρ log + (1 − ρ) log (5)
In the above formulas, X = (x1 , x2 , . . . , xn ) is the input ρ̂j 1 − ρ̂j
data vector, Y = (y1 , y2 , . . . , yn ) is the reconstruction vector At this point, the error function of the sparse autoencoder
of the input data and H = (h1 , h2 , . . . , hm ) is the low- consists of two parts: the first term is the mean square error
dimensional vector output from the hidden layer, X ∈ Rn , term, and the second term is the regularization term. It is
Y ∈ Rn , H ∈ Rm (n is the dimension of the input vector shown in formula 6:
and m is the number of hidden units). Wij ∈ Rm×n is the m
X
Jsparse (W , b) = J (W , b) + µ KL ρ ρ̂j


weight connection matrix between input layer and hidden (6)
layer. Wjk ∈ Rn×m is the weight connection matrix between j=1
hidden layer and output layer. In order to reconstruct the input where m is the number of the hidden units and µ is a
data as accurately as possible while reducing the resource weighting factor that controls the strength of the sparse item.
consumption during model training, Wjk = WijT usually exists Furthermore, in order to prevent overfitting, we also added
in the experiment. ϕ1 ∈ Rn×1 and ϕ2 ∈ Rm×1 are the the weight attenuation items to the error function as shown in
bias vectors of the input layer and hidden layer respectively. formula (7), λ is the attenuation coefficient of the weight.
gθ1 (·) and gθ2 (·) are the activation function of the hidden layer m
X
neurons and output layer neurons respectively, which roles Jsparse (W , b) = JE (W , b) + µ KL ρ ρ̂j


are to map the network summation result to [0,1]. We use j=1
sigmoid function as activation function in this paper: 3 m m+1 2
λ XX X r
1 + (wij ) (7)
gθ1 (·) = gθ2 (·) = (3) 2
1 + e−x r=1 i=1 j=1

41240 VOLUME 6, 2018

B. Yan, G. Han: Effective Feature Extraction via SSAE to Improve IDS

C. STACKED SPARSE AUTOENCODER
Stacked sparse autoencoder (SSAE) neural network is a neu-
ral network composed of multiple sparse auto-encoders con-
nected end to end, the structure shown in Figure 3. The output
of the previous layer of sparse self-encoder is used as the input
of the next layer of self-encoder, so that higher-level feature
representations of the input data can be obtained.
FIGURE 3. The structure of stacked autoencoder model.
Considering that there are sparse constraints in the SSAE
network, we want to use different learning rate for different
parameters, such as reducing the frequency of updates for
infrequent features. However, most of the traditional popu-
lar gradient descent algorithms include stochastic gradient
descent and mini-batch gradient descent, which use the same
learning rate for all network parameters that need to be
updated, making it difficult to choose a suitable learning rate
and easily reach a local minimum [21]. Therefore, in order
to train a better SSAE network model, we use the adaptive
moment estimation (Adam) gradient descent algorithm pro-
posed by Kingma and Ba [22] to achieve dynamic adaptive
adjustment of different parameters.
The Adam algorithm implements dynamic adjustment of
different parameters by calculating the gradient first-order
moment estimate mt and second-order moment estimate vt ,
as shown in formula (12-14), where β1 and β2 respectively
represent the first-order exponential damping decrement and
the second-order exponential damping decrement. gt repre-
sents the gradient of the parameters at timestep tin the loss
function Jsparse (W , b).
mt = β1 mt−1 + (1 − β1 ) · gt (12)
vt = β2 vt−1 + (1 − β2 ) · g2t (13)
gt ← ∇θ Jt (θt−1 ) (14)

The greedy layer-wise pre-training method [20] is used to Computer bias-corrected for mt and vt :
sequentially train each layer of SSAE to get access to the mt
m‘t = (15)
optimized connection weights and bias values of the entire 1 − β1t
stacked sparse auto-encoded network. Then the error back vt
v‘t = (16)
propagation method is used to fine tune the SSAE until 1 − β2t
the result of the error function between the input data and Update parameters:
the output data satisfies the expected requirements, so as to γ
acquire the optimal parameter model. θt+1 = θt − q · m‘t (17)
For error function Jsparse (W , b)defined in III.B: v‘t +ξ

∂ γ is the update stepsize, ξ takes a small constant to prevent

Jsparse (W , b) the denominator to be zero.
∂wrij
nr
1 X ∂ IV. EXPERIMENTAL SETUP
= Jsparse (W , b, X (n), Y (n)) + λwrij (8)
2nr ∂wrij A. THE FRAMEWORK
r=1
The framework of the SSAE-based intrusion detection system
∂
Jsparse (W , b) is shown in Figure 4. First, the original input dataset is
∂br preprocessed so that the data can be used for training and
nr
1 X ∂ testing of the SSAE network. Then, the processed dataset is
= Jsparse (W , b, X (n), Y (n)) (9)
2nr ∂br divided into two parts: a training set and a testing set. The
r=1
training set is used for the pre-training and fine-tuning of the
Therefore, the update process of weight and bias is as model, while the testing set is input with the optimal model
follows: to obtain the low-dimensional representation dataset. Finally,
∂ the classifiers are trained by using low-dimensional dataset
wkij = wkij − η J (W , b) (10) to test the effect of low-dimensional data on the performance
∂wkij
of the classifier, thereby validating the effectiveness of the
∂
br = br − η r J (W , b) (11) SSAE model.
∂b
Where X (n) and Y (n) are respectively represented as B. DATASET
the nth original vector and its corresponding reconstruction There are few public data sets used in intrusion detection,
vector. η indicates the update learning rate. mainly based on KDD99 [23] data set, NSL-KDD [24] data

VOLUME 6, 2018 41241


FIGURE 4. Flowchart of the proposed method.
set and Kyoto2006 [25] data set. Considering the advantages
and disadvantages of the existing datasets comprehensively,
and in order to make an effective and fair comparison with
the existing intrusion detection models and methods, we have
selected the NSL-KDD dataset to evaluate the performance of
our SSAE model in intrusion detection.
TABLE 1. Classes and numbers of attacks of NSL-KDD dataset.
The NSL-KDD dataset was improved on the KDD
99 dataset, eliminating the redundant data contained in
the KDD 99 dataset. It contained a total of 125973 train-
ing samples and 22543 test samples, including four attack
sample types: Denial of service attacks (DOS), Probing
attacks(Probe), Remote to Local attacks(R2L), User to
root attacks(U2R), and the specific distribution is shown
in Table 1. Besides, in order to simplify the experimental
process and ease the computational pressure, we randomly
sample the original data in NSL-KDD and reassemble the
sampled samples into several independent datasets, includ-
ing training dataset, validation dataset and testing dataset,
as shown in Table 2. The main purpose of the training datasets
are to train the model. The validation datasets are used to
fine-tune the model and adjust the parameters of the neu-
ral network and classifier. The purpose of the test datasets
41242
B. Yan, G. Han: Effective Feature Extraction via SSAE to Improve IDS
TABLE 2. Number of training, validation and testing samples in new
datasets.
is to test the detection ability of the trained model. In the
experimental process, each dataset of No.1-5 is repeated sev-
eral times independently, and cross-validation is performed
between each dataset. The final experimental results are
averaged for each experiment to ensure that the results are
unbiased.
C. DATA PREPROCESSING
The NSL-KDD dataset contains 41 classification features,
which are divided into symbolic features, 0-1-type fea-
tures and percentage-type features. Among them, the feature
value of Num_outbound_cmds is all 0, which has no effect
on the classification process, so this feature is removed.
Besides, since the input of the SSAE network is a numeric
matrix, we need to transform the symbolic features into
numerical features. In addition, in order to facilitate the
comparison, the original feature values are subjected to a
maximum-minimum normalization process so that the fea-
ture values are in the same order of magnitude.
1) NUMERALIZATION
we use the one-hot encoding to perform the numer-
alization. The symbolic features of NSL-KDD dataset
include ‘‘Protocol_type’’, ‘‘Service’’ and ‘‘Flag’’, where
‘‘Protocol_type’’ includes three different symbolic feature
values, ‘‘Service’’ includes 70 different symbolic feature val-
ues and ‘‘Flag’’ includes 11 different symbolic feature values.
Therefore, after the completion of the numeric processing,
the dimensions of features in NSL-KDD dataset is extended
to 121-dimensions.
2) NORMALIZATION
To facilitate the comparison of the results, the maximal-
minimum normalization method shown in formula 18 is used
to normalize the feature values in the NSL-KDD dataset,
where xmax and xmin represent the maximum and minimum
values of the original feature values, respectively. x denotes
the original feature value and xnorm denotes the normalized
feature value.
x − xmin
xnorm = (18)
xmax − xmin
VOLUME 6, 2018
B. Yan, G. Han: Effective Feature Extraction via SSAE to Improve IDS
D. EVALUATION
We use the metrics based on the confusion matrix to measure
the experimental results of this paper. The definition of the
confusion matrix is shown in Table 3. In the table, TP (True
Positive) indicates the number of correctly identified normal
records, TN (True Negative) indicates the number of cor-
rectly identified attack records, FP (False Positive) indicates
the number of incorrectly identified normal records and FN
(False Negative) indicates the number of erroneously identi-
fied attack records.
TABLE 3. Confusion matrix.
The metrics used in this paper mainly include ACC
(accuracy), DR (detection rate), and FAR (false alarm rate),
and the calculation method is shown in formula 19-21.
In addition, model training and testing time are represented
by Ttrain and Ttest respectively.
TP + TN
ACC =
TP + FP + TN + FN
TP
DR =
TP + FN
FP
FAR =
FP + TN
E. MODEL PARAMETERS
We use the TensorFlow, one of the most popular machine
learning frameworks, to conduct the experimental simulation
in this paper, and Python is selected as the programming lan-
guage. The hardware experimental environment is a desktop
with an Inter Core i7-7700 quad-core processor, 16G RAM,
256G SSD, and 64-bit Windows 10 operating system. At the
same time, we use the GeForce GTX1060 graphics process-
ing unit to speed up the training and testing of the model.
According to Section IV-C, after the samples in the
NSL-KDD dataset are preprocessed, the features are
extended from 41-dimension to 121-dimension. Therefore,
we select the number of input layer neurons of the SSAE
as 121. In addition, it is proved by experiments that the
hidden structure of the four-layer SSAE network is the opti-
mal experimental model (Section V-A), and the best sparse
parameter is selected as 0.04(Section V-B). The parameters
of the Adam algorithm adopt the default values recommended
by the author. Table 4 shows the specific experimental model
parameters.
V. EXPERIMENTAL RESULTS AND DISCUSSION
Here, we evaluate the performance of the proposed SSAE
model by performing a variety of experiments on the
VOLUME 6, 2018
TABLE 4. The experimental parameters of SSAE and Adam.
NSL-KDD dataset, including five-category classification
(Normal, DoS, Probe, R2L, U2R) and binary-category clas-
sification (Normal, Anomaly). More specifically, the experi-
ments in this paper aim to achieve the following:
(19) a. Evaluate the impact of network structure on the perfor-
mance of the SSAE.
(20) b. Evaluate the impact of sparse parameter on the perfor-
mance of the SSAE.
(21) c. Evaluate the impact of the low-dimensional features
extracted by the SSAE on classifiers.
d. Compare SSAE with other state-of-the-art feature selec-
tion and feature compression methods.
e. Compare SSAE with other state-of-the-art shallow learn-
ing and deep learning models.
A. IMPACT OF THE DIFFERENT NETWORK STRUCTURE
In deep neural network, there is no fixed method to determine
the number of hidden layers and the number of neurons in
each layer. We need to set different network structures accord-
ing to different experimental backgrounds. If the number of
hidden layers is small and the number of neurons in each layer
is insufficient, it may lead to the model cannot effectively
match the distribution of data, and for SSAE network, that
is, the high-dimensional features cannot be effectively com-
pressed. Conversely, if the number of hidden layers is too
large and the number of neurons in each layer is excessive,
it may lead to the extremely complex training process of
the model, which greatly increases the training time and the
consumption of computing resources, and at the same time,
may cause the model to be overfitting.
Table 5 shows the effect on the performance of the clas-
sifier when SSAE takes different number of hidden layers
on validation datasets, including mean and standard devia-
tion for each indicator. In order to achieve the purpose of
41243

TABLE 5. The ACC, DR, FAR and training time of SSAE with different hidden layer structure.
controlling variables, we connect the same Softmax classi-
fier to the output layer of SSAE with different structures,
and the remaining algorithm parameters in the experiment
are consistent. It could be found that with above settings,
as the number of hidden layers of increases, the classification
results of the classifier become more and more satisfactory.
However, a major drawback of the multilayer network struc-
ture is that it requires more time to train, which causes the
infeasibility in real network environment. For example, in our
experiments, although the detection accuracy of the five-layer
hidden structure is better than that of the four-layer hidden
structure, the training time of five-layer has almost stiffened
to double that of four-layer. Further, when the model is in
a large data environment, the training time will increase
explosively. Therefore, after a comprehensive comparison,
the four-layer hidden structure is the best network structure
suitable for our experiment.
TABLE 6. The ACC, DR and FAR of SSAE with different hidden layers
neurons when the number of hidden layers is the same.
Table 6 shows the effect of different number of hidden neu-
rons on the classification results when the number of hidden
layers is the same. It can be concluded that the performance
of the SSAE with the same number of neurons in each layer
is worse than that when the number of neurons in each layer
41244
B. Yan, G. Han: Effective Feature Extraction via SSAE to Improve IDS
is different. It can be also observed that better classification
results can be obtained when the number of neurons in the
hidden layer decreases by layer. Further, the experimental
results show that the number of neurons in the hidden layer
should be less than that in the input layer, which not only
reduces the training time of the model, but also is more
conducive to the compression of the original features.
Another important study in this paper is to choose the
smallest feature dimension without losing the information
between original samples. Since the compressed feature
dimension is equal to the number of output layer neurons,
therefore, we measure the number of neurons in the output
layer of the SSAE network to observe how they affect the
performance of intrusion detection. The [100, 85, 55, 30]
four-hidden layers’ model with optimal results in Table 6 is
used to perform experiments, while the other parameters
remain unchanged, and the number of output layer neurons
changes from 1 to 10. Figure 5 shows the experimental
results, from which, we can see that those metrics yield the
best results when the number of output layer neurons is 5.
B. IMPACT OF THE DIFFERENT SPARSE PARAMETER
Bengio [26] conducted a large number of experiments and
concluded that a good experimental effect can be achieved
when the sparse parameter is chosen to be 0.05 in the deep
architectures and many existing literatures use this param-
eter to perform their experiments. However, we think this
parameter may not apply to our model because sparse param-
eter is relevant to the number of bottleneck code dimension.
Figure 6 indicates that the classification results of SSAE,
with four-hidden layers’ model of [100], [85], [55], [30], are
affected by the sparse parameter from 0.01 to 0.1. It can be
intuitively seen that when the value of the sparse parameter
is 0.04, the comprehensive performance of the SSAE is the
best. Less than this value, it leads to a deficit in the number of
VOLUME 6, 2018
B. Yan, G. Han: Effective Feature Extraction via SSAE to Improve IDS

FIGURE 5. Experimental results with the number of output layer neurons changes from 1 to 10. (a) ACC. (B) DR. (C) FAR.

FIGURE 6. Experimental results with the sparse parameter changes from 0.01 to 0.1. (a) ACC and DR. (B) FAR. (C) Training Time.

TABLE 7. Effect of low-dimensional features extracted by the SSAE on the performance of the base classifiers for overall classification.

neurons used for training, so there is a downward trending for
the detection performance, and larger than the value, the input
features are not effectively compressed, then the training time
of the model sustains over long periods of time.
C. IMPACT OF THE LOW-DIMENSIONAL
FEATURES ON CLASSIFIERS
To verify the effectiveness of the low-dimensional features
extracted by the SSAE, we used three base classifiers,
including support vector machine (SVM), K-nearest neigh-
bor (KNN), and random forests (RF), to conduct comparative
experiments. The parameters of SSAE use the optimal param-
eters measured in the preceding experiments. Table 7 and
Table 8 summarizes the experimental results for the overall
classification and five-category classification, respectively.
It can be seen that the low-dimensional features compressed
by the SSAE not only has no negative effect on the per-
formance of the classifiers, but also significantly reduce
the training time and testing time of the classifiers. The
results also clearly demonstrate that the SSAE can almost
retain all the amount of information contained in the orig-
inal data while learning the high-level representation of
features.

VOLUME 6, 2018 41245


TABLE 8. Effect of low-dimensional features extracted by the SSAE on the performance of the base classifiers for five-category classification.
TABLE 9. Performance comparison obtained by the proposed and other approaches for overall classification.
D. COMPARISON OF DIFFERENT ALGORITHMS
To evaluate the performance of the proposed method, the opti-
mal SSAE+SVM model is selected to perform comparative
experiments against the conventional and topical algorithms,
including the following three categories: features selection
methods, shallow learning and deep learning models. The
overall ACC, DR, FAR and the size of training dataset are
depicted in Table 9, while Table 10 shows the detection rate
for the five categories. According to the experimental results
shown in these tables, it can be seen that the performance
of SSAE+SVM is very close to or more than other state-
of-the-art approaches in terms of overall accuracy and detec-
tion rate. Moreover, the false alarm rate is only lower than
that of HAST-IDS[15] and LSTM[16], and the gap remains
within 0.05%. This indicates that the method proposed in this
paper has reached or exceeded the average detection level of
other state-of-the-art methods and models. The strength of
41246
B. Yan, G. Han: Effective Feature Extraction via SSAE to Improve IDS
our method is that we can achieve above experimental results
with only 74,487 training samples, far less than the number
of training samples required for other experimental methods
except the RNN-IDS model. However, the performance of the
RNN-IDS is inferior to our method in the metrics of FAR and
DR. Obviously, less consumption of training samples means
that under the same experimental conditions, our method will
train the model in a faster way to meet the requirements of the
system’s real-time performance.
On the other hand, in the multi-classification experiments,
for the detection rate of two types of low frequency attack
samples, R2L and U2R, the methods we proposed have
not achieved satisfactory results, only 84.43% and 67.94%,
respectively. The two methods of DBN4 + LR [17] and
NBC-A [8] get the best performance in the detection of
R2L and U2R respectively. Furthermore, the detection rate
of NBC-A for all five types of samples exceeds 97.5%.
VOLUME 6, 2018
B. Yan, G. Han: Effective Feature Extraction via SSAE to Improve IDS
TABLE 10. Comparisons of DR obtained by the proposed and other approaches for five-category classification.
Through further detailed research on existing literature,
the main reason for this result is that the number of R2L
and U2R attack samples contain in the training set used in
our experiments are scarce and the classification features are
insufficient, which result in the SVM classifier failing to
learn the sample features effectively. Moreover, conventional
machine learning classifiers tend to be more biased towards
the majority samples, because they do not consider the dis-
tribution of the data in the optimization of the loss function.
Worse still, in this case, low frequency attack samples may be
ignored as noise points or outliers of the majority class [31].
Therefore, we believe that all of the above reasons lead to a
low detection rate of R2L and U2R in our experiments.
VI. CONCLUSION AND PROSPECT
Conventional shallow machine learning methods cannot
effectively deal with the high-dimensional feature classifica-
tion task under the condition of large data volume, which lead
to the intrusion detection systems based on machine learning
methods, cannot meet the real-time requirements. Therefore,
this paper proposes a novel feature extraction method based
on deep learning theory, which uses stacking sparse autoen-
coder to realize the nonlinear mapping of high-dimensional
features to low-dimensional features. Then, the new dataset
containing the optimal low-dimensional features is used to
train the classifiers and test for performance. The experimen-
tal results on the NSL-KDD dataset show that the SSAE with
the optimal structure can compress the original features to
5 dimensions without losing the amount of information exist-
ing between the original data. In addition, the results com-
pared with the methods proposed in the existing literatures
show that SSAE can reach or even exceed the average detec-
tion level of conventional machine learning classifiers and
VOLUME 6, 2018
other state-of-the-art approaches in terms of overall detection
performance with relatively less resource consumption.
The disadvantage of the proposed method is that it cannot
effectively detect R2L and U2R low-frequency attack sam-
ples, that is, it cannot overcome the adverse effects caused by
imbalanced data distribution. In future research, how to use
the existing methods or propose new methods to handle the
problem of imbalanced data in the feature extraction process
deserves further attention. Besides, it will be very interesting
to find out the patterns of features learned by SSAE which
can help with manual feature engineering.
REFERENCES
[1] G. Kumar, K. Kumar, and M. Sachdeva ‘‘The use of artificial intelligence
based techniques for intrusion detection: A review,’’ Artif. Intell. Rev.,
vol. 34, no. 4, pp. 369–387, 2010.
[2] Y. LeCun, Y. Bengio, and G. Hinton, ‘‘Deep learning,’’ Nature, vol. 521,
pp. 436–444, May 2015.
[3] R. F. Erbacher, K. L. Walker, and D. A. Frincke, ‘‘Intrusion and misuse
detection in large-scale systems,’’ IEEE Comput. Graph. Appl., vol. 22,
no. 1, pp. 38–47, Jan. 2002.
[4] W. Lee and D. Xiang, ‘‘Information-theoretic measures for anomaly detec-
tion,’’ in Proc. IEEE Symp. Secur. Privacy, Oakland, CA, USA, May 2001,
pp. 130–143.
[5] G. Wang, J. Hao, J. Ma, and L. Huang, ‘‘A new approach to intrusion
detection using artificial neural networks and fuzzy clustering,’’ Expert
Syst. Appl., vol. 37, no. 9, pp. 6225–6232, 2010.
[6] S. M. H. Bamakan, H. Wang, T. Yingjie, and Y. Shi, ‘‘An effective
intrusion detection framework based on MCLP/SVM optimized by time-
varying chaos particle swarm optimization,’’ Neurocomputing, vol. 199,
pp. 90–102, Jul. 2016.
[7] D. Moon, M. Im, I. Kim, and J. H. Park, ‘‘DTB-IDS: An intrusion
detection system based on decision tree using behavior analysis for pre-
venting APT attacks,’’ J. Supercomputing, vol. 73, no. 7, pp. 2881–2895,
2017.
[8] Y. Wang et al., ‘‘A novel intrusion detection system based on advanced
naive Bayesian classification,’’ in Proc. Int. Conf. 5G Fut. Wireless
Netw. (5GWN), Beijing, China, Dec. 2017, pp. 581–588.
41247

[9] W.-C. Lin, S.-W. Ke, and C.-F. Tsai, ‘‘CANN: An intrusion detection sys-
tem based on combining cluster centers and nearest neighbors,’’ Knowl.-
Based Syst., vol. 78, pp. 13–21, Apr. 2015.
[10] B. M. Aslahi-Shahri et al., ‘‘A hybrid method consisting of GA and SVM
for intrusion detection system,’’ Neural Comput. Appl., vol. 27, no. 6,
pp. 1669–1676, Aug. 2016.
[11] C. Guo, Y. Ping, N. Liu, and S.-S. Luo, ‘‘A two-level hybrid approach for
intrusion detection,’’ Neurocomputing, vol. 214, pp. 391–400, Nov. 2016.
[12] A. A. Aburomman and M. B. I. Reaz, ‘‘A novel SVM-kNN-PSO ensem-
ble method for intrusion detection system,’’ Appl. Soft Comput., vol. 38,
pp. 360–372, Jan. 2016.
[13] M. A. Ambusaidi, X. He, P. Nanda, and Z. Tan, ‘‘Building an intrusion
detection system using a filter-based feature selection algorithm,’’ IEEE
Trans. Comput., vol. 65, no. 10, pp. 2986–2998, Oct. 2016.
[14] O. Osanaiye, H. Cai, K.-K. R. Choo, A. Dehghantanha, Z. Xu, and
M. Dlodlo, ‘‘Ensemble-based multi-filter feature selection method for
DDoS detection in cloud computing,’’ Eur. J. Wireless Commun. Netw.,
vol. 2016, pp. 130–140, Dec. 2016.
[15] W. Wang et al., ‘‘HAST-IDS: Learning hierarchical spatial-temporal fea-
tures using deep neural networks to improve intrusion detection,’’ IEEE
Access, vol. 6, no. 1, pp. 1792–1806, Dec. 2017.
[16] R. C. Staudemeyer, ‘‘Applying long short-term memory recurrent neu-
ral networks to intrusion detection,’’ South Afr. Comput. J., vol. 56,
pp. 136–154, Jul. 2015.
[17] K. Alrawashdeh and C. Purdy, ‘‘Toward an online anomaly intrusion
detection system based on deep learning,’’ in Proc. 15th IEEE Int.
Conf. Mach. Learn. Appl. (ICMLA), Anaheim, CA, USA, Dec. 2016,
pp. 195–200.
[18] B. A. Olshausen and D. J. Field, ‘‘Emergence of simple-cell receptive field
properties by learning a sparse code for natural images,’’ Nature, vol. 381,
no. 6583, pp. 607–609, 1996.
[19] A. Ng, ‘‘Sparse autoencoder,’’ CS294A Lect. Notes, vol. 72, pp. 1–19, 2011.
[20] Y. Bengio, P. Lamblin, D. Popovici, and H. Larochelle, ‘‘Greedy layer-wise
training of deep networks,’’ in Proc. 21st Int. Conf. Neural Inform. Process.
Syst. (NIPS), Vancouver, BC, Canada, Jan. 2007, pp. 153–160.
[21] T. T. H. Le, J. Kim, and H. Kim, ‘‘An effective intrusion detection
classifier using long short-term memory with gradient descent optimiza-
tion,’’ in Proc. IEEE Int. Conf. Plat. Technol. Service (PlatCon), Busan,
South Korea, Feb. 2017, pp. 1–6.
[22] D. P. Kingma and J. L. Ba, ‘‘Adam: A method for stochastic optimization,’’
in Proc. 3rd Int. Conf. Learn. Represent. (ICLR), San Diego, CA, USA,
Dec. 2015, pp. 1–13.
[23] S. Rosset and A. Inger, ‘‘KDD-CUP 99: Knowledge discovery in a char-
itable organization’s donor database,’’ ACM SIGKDD Explor. Newslett.,
vol. 1, no. 2, pp. 85–90, 2000.
[24] M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, ‘‘A detailed analysis
of the KDD CUP 99 data set,’’ in Proc. IEEE Symp. Comput. Intell. Secur.
Defense Appl. (CISDA), Ottawa, ON, Canada, Dec. 2009, pp. 1–6.
[25] J. Song, H. Takakura, Y. Okabe, M. Eto, D. Inoue, and K. Nakao, ‘‘Sta-
tistical analysis of honeypot data and building of Kyoto 2006+ dataset
for NIDS evaluation,’’ in Proc. 1st Workshop Building Anal. Datasets
Gathering Exper. Returns Secur., Salzburg, Austria, Apr. 2011, pp. 29–36.
41248
B. Yan, G. Han: Effective Feature Extraction via SSAE to Improve IDS
[26] Y. Bengio, ‘‘Practical recommendations for gradient-based training of deep
architectures,’’ in Neural Networks (Lecture Notes in Computer Science).
Berlin, Germany: Springer, 2012, pp. 437–478.
[27] H. H. Pajouh, R. Javidan, R. Khayami, D. Ali, and K.-K. R. Choo, ‘‘A two-
layer dimension reduction and two-tier classification model for anomaly-
based intrusion detection in IoT backbone networks,’’ IEEE Trans. Emerg.
Topics Comput., Nov. 2016, doi: 10.1109/TETC.2016.2633228.
[28] W. L. Al-Yaseen, Z. A. Othman, and M. Z. A. Nazri, ‘‘Multi-level hybrid
support vector machine and extreme learning machine based on modified
K-means for intrusion detection system,’’ Expert Syst. Appl., vol. 67,
pp. 296–303, Jan. 2017.
[29] D. Papamartzivanos, F. G. Mármol, and G. Kambourakis, ‘‘Dendron:
Genetic trees driven rule induction for network intrusion detection sys-
tems,’’ Future Gener. Comput. Syst., vol. 79, pp. 558–574, Feb. 2018.
[30] C. Yin, Y. Zhu, J. Fei, and X. He, ‘‘A deep learning approach for intrusion
detection using recurrent neural networks,’’ IEEE Access, vol. 5, no. 99,
pp. 21954–21961, Oct. 2017.
[31] T. Fawcett. (Aug. 2016). Learning From Imbalanced Classes. [Online].
Available: https://www.svds.com/learning-imbalanced-classes
BINGHAO YAN was born in 1993. He received
the B.S. degree from the University of Electronic
Science and Technology of China, in 2015, and the
M.S. degree from PLA Information Engineering
University, Zhengzhou, China, in 2017. He is cur-
rently pursuing the Ph.D. degree with the National
Digital Switching System Engineering & Tech-
nology Research Center, Zhengzhou. His research
areas are intrusion detection, information security,
machine learning, and deep learning.
GUODONG HAN was born in 1964. He received
the B.S. and M.S. degrees from PLA Informa-
tion Engineering University, Zhengzhou, China,
in 1986 and 1990, respectively, and the Ph.D.
degree from the National Digital Switching Sys-
tem Engineering & Technology Research Center,
Zhengzhou. He is currently an Associate Professor
with the Provincial Key Laboratory of System on
a Chip, National Digital Switching System Engi-
neering & Technology Research Center. He has
authored over 40 journal and conference publications. His research areas are
network security, signal processing, broadband network, and deep learning.
VOLUME 6, 2018