Applying Long Short-Term Memory Recurrent Neural Network for Intrusion Detection

These days, web applications are used extensively. While organizations benefit from the new abilities they provide, the chance of being targeted is increased, which may cause massive system damage. It is thus important to detect web application attacks. Web intrusion detection systems (IDSs) are important for protecting systems from external users or internal attacks. There are however, many challenges that arise while developing a powerful IDS for unexpected and irregular attacks. Deep Learning approaches provide several methods, and they can detect known and unknown attacks. Long Short-Term Memory (LSTM) is a type of Recurrent Neural Network (RNN) and has the ability to remember values over arbitrary intervals. LSTM is a suitable method to classify and predict known and unknown intrusions. In this work, we propose a deep learning approach to construct an IDS. We apply LSTM RNNs and train the model using the CSIC 2010 HTTP dataset. An LSTM model using the Adam optimizer can construct an efficient IDS binary classifier with an accuracy rate of 0.9997.

[1]  Yuefei Zhu,et al.  A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks , 2017, IEEE Access.

[2]  Gonzalo Álvarez,et al.  Application of the Generic Feature Selection Measure in Detection of Web Attacks , 2011, CISIS.

[3]  Edgard Jamhour,et al.  A clustering-based method for intrusion detection in web servers , 2013, ICT 2013.

[4]  Angela Denise Landress A hybrid approach to reducing the false positive rate in unsupervised machine learning intrusion detection , 2016, SoutheastCon 2016.

[5]  Richard P. Lippmann,et al.  An Overview of Issues in Testing Intrusion Detection Systems , 2003 .

[6]  Jürgen Schmidhuber,et al.  Long Short-Term Memory , 1997, Neural Computation.

[7]  Truong Son Pham,et al.  Machine learning techniques for web intrusion detection — A comparison , 2016, 2016 Eighth International Conference on Knowledge and Systems Engineering (KSE).

[8]  Howon Kim,et al.  Long Short Term Memory Recurrent Neural Network Classifier for Intrusion Detection , 2016, 2016 International Conference on Platform Technology and Service (PlatCon).

[9]  Jimmy Ba,et al.  Adam: A Method for Stochastic Optimization , 2014, ICLR.

[10]  Xiaohong Yuan,et al.  Analyzing HTTP requests for web intrusion detection , 2017 .

[11]  Howon Kim,et al.  An Effective Intrusion Detection Classifier Using Long Short-Term Memory with Gradient Descent Optimization , 2017, 2017 International Conference on Platform Technology and Service (PlatCon).

[12]  Ralf C. Staudemeyer,et al.  Evaluating performance of long short-term memory recurrent neural networks on intrusion detection data , 2013, SAICSIT '13.