Unified Deep Learning approach for Efficient Intrusion Detection System using Integrated Spatial–Temporal Features

Intrusion detection systems (IDS) differentiate the malicious entries from the legitimate entries in network traffic data and helps in securing the networks. Deep learning algorithms have been greatly employed in the network security field for large scale data in modern cyberspace networks because o...

Full description

Saved in:
Bibliographic Details
Published in:Knowledge-based systems 2021-08, Vol.226, p.107132, Article 107132
Main Authors: Rajesh Kanna, P, Santhi, P
Format: Article
Language:English
Subjects:
Algorithms
Artificial neural networks
Classification
Communications traffic
Deep learning
Feature extraction
Hierarchical Multi-scale LSTM
Internet
Intrusion detection systems
Lion Swarm Optimization
Machine learning
Neural networks
NSL-KDD
Optimization
Optimized Convolutional Neural Networks
spatial–temporal features
UNSWNB15
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Intrusion detection systems (IDS) differentiate the malicious entries from the legitimate entries in network traffic data and helps in securing the networks. Deep learning algorithms have been greatly employed in the network security field for large scale data in modern cyberspace networks because of their ability to learn the deeply integrated features. However, learning both space and time aspects of system information are very challenging for any individual deep knowledge model. While Convolutional Neural Networks (CNN) effectively acquires the spatial aspects, the Long Short-Term Memory (LSTM) neural networks perform better for temporal features. Integrating the benefits of these models has the potential for improving the large scale IDS. In this paper, a high accurate IDS model is proposed by using a unified model of Optimized CNN (OCNN) and Hierarchical Multi-scale LSTM (HMLSTM) for effective extraction and learning of spatial–temporal features. The proposed IDS model performs the pre-processing, feature extraction through network training and network testing and final classification. In the OCNN–HMLSTM model, the Lion Swarm Optimization (LSO) is used to tune the hyper-parameters of CNN for the optimal configuration of learning spatial features. The HMLSTM learns the hierarchical relationships between the different features and extracts the time features. Lastly, the unified IDS approach utilizes the extracted spatial–temporal features for categorizing the network data. Tests are performed over public IDS datasets namely NSL-KDD, ISCX-IDS and UNSWNB15. Assessing the performance of OCNN–HMLSTM​ against the contemporary IDS methods, the proposed model performs better intrusion detection with high accuracy of above 90% with less false values and better classification coefficients.
ISSN:0950-7051
1872-7409
DOI:10.1016/j.knosys.2021.107132