DL-IDS: Extracting Features Using CNN-LSTM Hybrid Network for Intrusion Detection System

Many recent studies have used machine learning to improve network intrusion detection systems. Most of this research relies on manually extracted features, an approach that is labor-intensive and discards much of the information in the original data, resulting in low detection accuracy and systems that cannot be deployed in practice. This paper develops DL-IDS (deep learning-based intrusion detection system), which uses a hybrid network of a Convolutional Neural Network (CNN) and a Long Short-Term Memory network (LSTM) to extract the spatial and temporal features of network traffic data and to provide a better intrusion detection system. To reduce the effect on model performance of the unbalanced number of samples of different attack types in the training set, DL-IDS uses a category weight optimization method to improve robustness. Finally, DL-IDS is tested on CICIDS2017, a reliable intrusion detection dataset that covers all the common, updated intrusions and cyberattacks. In the multiclassification test, DL-IDS reached 98.67% overall accuracy, and the accuracy for each attack type was above 99.50%.
