CNN-LSTM: hybrid deep neural network for network intrusion detection system; a case
Network security becomes indispensable to our daily interactions and networks. As attackers continue to develop new types of attacks and the size of networks continues to grow, the need for an effective intrusion detection system has become critical. Numerous studies implemented machine learning alg...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Institute of Electrical and Electronics Engineers Inc.
2022
|
| Subjects: | |
| Online Access: | http://irep.iium.edu.my/100333/7/100333_CNN-LSTM%20hybrid%20deep%20neural%20network.pdf http://irep.iium.edu.my/100333/ https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9889698 https://doi.org/10.1109/ACCESS.2022.3206425 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Network security becomes indispensable to our daily interactions and networks. As attackers continue to develop new types of attacks and the size of networks continues to grow, the need for an effective intrusion detection system has become critical. Numerous studies implemented machine learning algorithms to develop an effective IDS; however, with the advent of deep learning algorithms and artificial neural networks that can generate features automatically without human intervention, researchers began to rely on deep learning. In our research, we took advantage of the Convolutional Neural Network’s ability to extract spatial features and the Long Short-Term Memory Network’s ability to extract temporal features to create a hybrid intrusion detection system model. We added batch normalization and dropout layers to the model to increase its performance. Based on the binary and multiclass classification, the model was trained using three datasets: CIC-IDS 2017, UNSW-NB15, and WSN-DS. The confusion matrix determines the system’s effectiveness, which includes evaluation criteria such as accuracy, precision, detection rate, F1-score, and false alarm rate (FAR). The effectiveness of the proposed model was demonstrated by experimental results showing a high detection rate, high accuracy, and a relatively low FAR. |
|---|