MLIDS22- IDS Design by Applying Hybrid CNN-LSTM Model on Mixed-Datasets

Cited by: 0
Authors
Abdulmajeed I.A. [1]
Husien I.M. [1]
Affiliation
[1] Department of Computer Science, College of Computer Science and Information Technology, University of Kirkuk, Kirkuk
Source
Informatica (Slovenia) | 2022 / Vol. 46 / No. 08
Keywords
Accuracy; CNN; Inter-Dataset; Intrusion Detection System; LSTM; Machine Learning; ROC curve;
DOI
10.31449/inf.v46i8.4348
Abstract
The intrusion detection system (IDS) is an essential part of cyber security which captures and investigates traffic to distinguish between legitimate and malicious activities and determines the type of attack. The selection of the dataset used in training the machine learning-based IDS is crucial in ensuring that IDS performs accurately in cyber-attack classification. When utilizing multiple datasets in the training process, the metrics will relate numerically between the ML algorithm and a particular dataset. Previous research concluded a major decline in metrics when using inter-datasets evaluation. This research thoroughly investigates the use of the most modern and comprehensive IDS datasets, CIC-IDS2017 and CSE-CIC-IDS2018, to design and evaluate machine learning-based IDS systems using hybrid CNN-LSTM architecture. The new approach followed is to generate a new dataset which is the output of mixing both datasets. The experimental testing showed superior metrics values yielded when training with the mixture dataset against the use of individual datasets, especially when performing the inter-datasets evaluation, which overcomes the generalization problem. © 2022 Slovene Society Informatika. All rights reserved.
Pages: 121 / 134
Page count: 13