An innovative model for an enhanced dual intrusion detection system using LZ‐JC‐DBSCAN, EPRC‐RPOA and EG‐GELU‐GRU

The rise of suspicious activities in network communication, driven by increased internet accessibility, necessitates the development of advanced intrusion detection systems (IDS). Existing IDS solutions often exhibit poor performance in detecting suspicious activity and fail to identify various atta...

Full description

Saved in:
Bibliographic Details
Published in:IET communications 2024-11, Vol.18 (18), p.1300-1318
Main Authors: R. C., Jeyavim Sherin, K., Parkavi
Format: Article
Language:English
Subjects:
computer network security
computer networks
cyber‐physical systems
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The rise of suspicious activities in network communication, driven by increased internet accessibility, necessitates the development of advanced intrusion detection systems (IDS). Existing IDS solutions often exhibit poor performance in detecting suspicious activity and fail to identify various attack types within packet capture (PCAP) files, which monitor network traffic. This paper proposes a deep learning‐based dual IDS model designed to address these issues. The process begins with utilizing the CSE‐CIC‐IDS2019 dataset to extract features from PCAP files. Suspicious activities are detected using the Exponential Geometric‐Gaussian Error Linear Units‐Gated Recurrent Unit (EG‐GELU‐GRU) method. Normal data undergoes further feature extraction and preprocessing through Log ZScore‐Jacosine Density‐Based Spatial Clustering of Applications with Noise (LZ‐JC‐DBSCAN). Feature selection is optimized using the Entropy Pearson R Correlation‐Red Panda optimization algorithm. Suspicious files are flagged, while load balancing is performed on normal data. Attack detection is achieved through word embedding with the Glorot Kaufman‐bidirectional encoder representations from transformers technique and classification via the EG‐GELU‐GRU model. Attacked packets are blocked, and the method is reapplied for attack‐type classification. Experimental results using Python demonstrate the model’s superior performance, achieving 98.18% accuracy and 98.73% precision, surpassing existing approaches and significantly enhancing intrusion detection capabilities. Intrusion detection systems (IDS) monitor network activity to detect unusual patterns indicative of security breaches. However, many existing IDS solutions struggle with accurately identifying attacks within packet capture (PCAP) files. To address this limitation, a deep learning‐based dual IDS model is proposed. Utilizing the Cyber Intelligence Centre‐Distributed Denial of Service Attack 2019 dataset, this model begins by extracting features and attributes from PCAP files. Experimental results demonstrate that this model achieves 98.18% accuracy and 98.73% precision in classification tasks, significantly outperforming existing approaches. These findings highlight the effectiveness of the proposed system in enhancing intrusion detection capabilities.
ISSN:1751-8628
1751-8636
DOI:10.1049/cmu2.12831