An Efficient Network Intrusion Detection Model Combining CNN and BiLSTM
Keywords:
BiLSTM , CNN , Deep Learning , Intrusion Detection , LSTM , NIDSAbstract
The technological advancement led to increase in the internet usage and created rooms for attackers to exploit our data. Hackers commonly conduct network attacks to alter, damage, or steal private data. Intrusion detection systems (IDS) are the best and most effective techniques when it comes to tackle these threats. An IDS is a software application or hardware device that monitors traffic to search for malicious activity or policy breaches. Intrusion detection is a major challenge for security experts in the cyber world. Traditional IDS failed to detect complex and unknown cyber-attacks. Many IDS models using machine learning (ML) methods have shown good performance in detecting attacks. However, their limitations in terms of data complexity give rise to DL methods. Recent work has shown that deep learning (DL) techniques are highly effective for assisting network intrusion detection systems (NIDS) in identifying malicious attacks on networks. This paper proposed a deep learning model that incorporates learning of spatial and temporal data features by combining the distinct strengths of a Convolutional Neural Network and a Bi-directional LSTM. The publicly available dataset NSL-KDD is used to train and test the model in this paper. The proposed model has a high accuracy rate of 99.22% and detection rate of 99.15%.
Downloads
References
Global digital population as of April 2022 https://www.statista.com/statistics/617136/digital-population-worldwide/
Types of Cyber Attacks https://www.fortinet.com/resources/cyberglossary/types-of-cyber-attacks
Understanding the cost of a cybersecurity attack: The losses organizations face | Packt Hub.
https://vpnusecase.com/statistics/cyber-attacks-per-year/
Liao H-J, Lin C-HR, Lin Y-C, Tung K-Y (2013) Intrusion detection system: a comprehensive review. J Netw Comput Appl 36(1):16–24
Hu J, Yu X, Qiu D, Chen H-H (2009) A simple and efficient hidden Markov model scheme for host-based anomaly intrusion detection. IEEE Netw23(1):42–47
Creech G, Hu J (2013) A semantic approach to host-based intrusion detection systems using contiguousand discontiguous system call patterns. IEEE TransComput 63(4):807–819
Keserwani, Pankaj Kumar et al. “An effective NIDS framework based on a comprehensive survey of feature optimization and classification techniques.” Neural Computing and Applications (2021): 1-21.
https://doi.org/10.1007/s00521021-06093-5
Dina, Ayesha S. and D. Manivannan. “Intrusion detection based on Machine Learning techniques in computer networks.” Internet Things 16 (2021):100462. https://doi.org/10.1016/j.iot.2021.100462.
Kocher, G., Kumar, G. Machine learning and deep learning methods for intrusion
Detection systems: recent developments and challenges. Soft Comput 25, 9731–9763
(2021). https://doi.org/10.1007/s00500-021-05893-0
Gao N, Gao L, Gao Q, Wang H (2014) An intrusion detection model based on deep belief networks. In: 2014 Second international conference on advanced cloud and big data.pp.247–252
Li Y, Ma R, Jiao R (2015) A hybrid malicious code detection method based on deep learning. Int J Secur Appl 9(5):205–216
Lotfollahi M, Siavoshani MJ, Zade RSH, Saberian M (2020) Deep packet: a novel approach for encrypted traffic classification using deep learning. Soft Comput 24(3):1999–2012
Draper-Gil G, Lashkari AH, Mamun MSI, Ghorbani AA (2016) Characterization of encrypted and VPN traffic using time-related. In: Proceedings of the 2nd international conference on information systems security and privacy (ICISSP), pp. 407–414
Wang W, Zhu M, Wang J, Zeng X, Yang Z (2017) End-to-end encrypted traffic classification with one-dimensional convolution neural networks. In: 2017 IEEE international conference on intelligence and security informatics (ISI), pp. 43–48
Wang W, Zhu M, Zeng X, Ye X, Sheng Y (2017) Malware traffic classification using convolutional neural network for representation learning. In: 2017 international conference on information networking (ICOIN), pp. 712–717
Y. Xiao, C. Xing, T. Zhang and Z. Zhao, "An Intrusion Detection Model Based on Feature Reduction and Convolutional Neural Networks," in IEEE Access,vol. 7, pp. 42210-42219, 2019, doi: 10.1109/ACCESS.2019.2904620.
Yu Y, Bian N. An intrusion detection method using few-shot learning. IEEEAccess.2020;8:49730-49740. https://doi.org/10.1109/ACCESS. 2020.2980136.
Wang Y, Yao Q, Kwok J, Ni LM. Generalizing from a few examples: a survey on few- shotlearning; 2019. arXiv: 1904.05046.
Zhang X, Chen J, Zhou Y, Han L, Lin J. A multiple-layer representation learning model for network-based attack detection. IEEE Access. 2019;7:91992-92008. https://doi.org/10.1109/ACCESS.2019.2927465.
Alotaibi, Shoayee et al. “Deep Neural Network-Based Intrusion Detection System through PCA.” Mathematical Problems in Engineering (2022): n. pag. https://doi.org/10.1155/2022/6488571
Maimo´ LF, Go´mez A´ LP, Clemente FJG, Pe´rez MG, Pe´rez GM (2018) A self- adaptive deep learning-based system for anomaly detection in 5g networks. IEEE Access 6:7700–7712
Garcia S, Grill M, Stiborek J, Zunino A (2014) An empirical comparison of botnet detection methods. Comput Secur 45:100–123
Kang M-J, Kang J-W (2016) Intrusion detection system using deep neural network for
in-vehicle network security. PloS one 11(6):e0155781
Abeshu A, Chilamkurti N (2018) Deep learning: the frontier for distributed attack detection in fog-to-things computing. IEEE Commun Mag 56(2):169–175
Raman MG, Somu N, Kirthivasan K, Liscano R, Sriram VS (2017) An efficient intrusion detection system based on hypergraph-genetic algorithm for parameter optimization and feature selection in support vector machine. Knowledge-Based Syst 134:1–12
R. Vinayakumar, K. Soman, and P. Poornachandran, “Evaluation of recurrent neural network and its variants for intrusion detection system (ids),”International Journal of Information System Modeling and Design, vol. 8,July-September 2017.
R. U. Khan, X. Zhang, M. Alazab, and R. Kumar, “An improved convolutional neural network model for intrusion detection in networks,” in 2019 Cybersecurity and Cyberforensics Conference (CCC), 2019, pp. 74–77.
A. Krizhevsky, I. Sutskever, and G. E. Hinton, ‘‘Imagenet classification with deep convolutional neural networks,’’ Commun. ACM, vol. 60, no. 6, pp. 84–90, 2017.
Lawrence S, Giles CL, Tsoi AC, Back AD. Face recognition: a convolutional neural- network approach. IEEE Trans Neural Netw. 1997;8(1):98-113. https://doi.org/10.1109/72.554195.s
S. Albawi, T. A. Mohammed and S. Al-Zawi, "Understanding of a convolutional neural network," 2017 International Conference on Engineering and Technology (ICET), 2017, pp. 1-6,doi:10.1109/ICEngTechnol.2017.8308186.
K. Jiang, W. Wang, A. Wang and H. Wu, "Network Intrusion Detection Combined Hybrid Sampling With Deep Hierarchical Network," in IEEE Access, vol. 8, pp. 32464- 32476,2020, doi: 10.1109/ACCESS.2020.2973730.
Hochreiter S, Schmidhuber J. Long short-term memory. Neural Comput. 1997;9(8):1735-1780. https://doi.org/10.1162/neco.1997.9.8. 1735.
NSL-KDD | Datasets | Research | Canadian Institute for Cybersecurity | UNB. https://www.unb.ca/cic/datasets/nsl.html.
Sinha, J., & Manollas, M. (2020). Efficient Deep CNN-BiLSTM Model for Network Intrusion Detection. Proceedings of the 2020 3rd International Conference on Artificial Intelligence and Pattern Recognition.
Gao, Jing. (2022). Network Intrusion Detection Method Combining CNN and BiLSTM in Cloud Computing Environment. Computational intelligence and neuroscience. 2022. 7272479. 10.1155/2022/7272479.
Kishor Kumar Reddy C, Anisha P R, Shastry R, Ramana Murthy B V, “Comparative Study on Internet of Things: Enablers and Constraints”, Advances in Intelligent Systems and Computing, 2021
Kishor Kumar Reddy C, Anisha P R, Apoorva K, “Early Prediction of Pneumonia using Convolutional Neural Network and X-Ray Images”, Smart Innovation, Systems and Technologies, 2021
R Madana Mohana, Kishor Kumar Reddy C and Anisha P R, “A Study and Early Identification of Leaf Diseases in Plants using Convolutional Neural Network”, Springer 4th Int Conference on Smart Computing and Informatics, 2020, India
Anisha P R, C Kishor Kumar Reddy and Nuzhat Yasmeen, “Predicting the Energy Output of Wind Turbine Based on Weather Condition”, Springer 4th Int Conference on Smart Computing and Informatics, 2020, India
Kishor Kumar Reddy C, Apoorva K, Anisha P R, “Early Prediction of Pneumonia using Convolutional Neural Network and X-Ray Images”, Springer 4th Int Conference on Smart Computing and Informatics, 2020, India
Viswanatha Reddy, Dr. Elango NM and Dr. C Kishor Kumar Reddy and Anisha P R, “Prediction of Diabetes using Internet of Things (IOT) and Decision Trees: SLDPS, Springer FICTA, January 2020, India.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
You are free to:
- Share — copy and redistribute the material in any medium or format for any purpose, even commercially.
- Adapt — remix, transform, and build upon the material for any purpose, even commercially.
- The licensor cannot revoke these freedoms as long as you follow the license terms.
Under the following terms:
- Attribution — You must give appropriate credit , provide a link to the license, and indicate if changes were made . You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
- No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
Notices:
You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable exception or limitation .
No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as publicity, privacy, or moral rights may limit how you use the material.
