BLoCNet: a hybrid, dataset-independent intrusion detection system using deep learning

被引:15
作者
Bowen, Brandon [1 ]
Chennamaneni, Anitha [2 ]
Goulart, Ana [1 ]
Lin, Daisy [1 ]
机构
[1] Texas A&M Univ, Engn Technol & Ind Distribut, College Stn, TX 77843 USA
[2] Texas A&M Univ Cent Texas, Comp Informat Syst, Killeen, TX 76549 USA
关键词
Cybersecurity; Intrusion detection; Deep learning; CNN; BLSTM; NETWORK; MODEL;
D O I
10.1007/s10207-023-00663-5
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Intrusion detection systems (IDS) identify cyber attacks given a sample of network traffic collected from real-world computer networks. As a powerful classification tool, deep learning (DL) models have been used as IDSs. Although most models achieve high accuracy, they may not always detect underrepresented attacks. Also, their accuracy depends on the dataset, its features, and the proportion of samples. This paper proposes BLoCNet, a hybrid DL model that combines convolutional neural network (CNN) and bidirectional long short-term memory (BLSTM) layers. CNN allows the IDS to recognize patterns in the features of the network data in a fast computation time. The results are sent to two BLSTM layers, which capitalize on the forward and backward propagation of data to identify malicious traffic. BLoCNet was evaluated against four datasets, and its results compared with five DL models and seven related studies. BLoCNet had a higher attack detection rate for CIC-IDS2017, IoT-23 and UNSW-NB15 than the five DL models. For CIC-IDS2017 and IoT-23 datasets, BLoCNet had an accuracy of 98% and 99%, which is similar performance as related studies, albeit not an exact comparison due to different sampling approaches. For the original UNSW-NB15 dataset, BLoCNet had an accuracy of 76.34% vs. 75.56% of related work. These results demonstrate that BLoCNet performed well across various datasets and confirms that its hybrid model provides good detection results.
引用
收藏
页码:893 / 917
页数:25
相关论文
共 55 条
  • [1] A Hybrid Multiclass Classifier Approach for the Detection of Malicious Domain Names Using RNN Model
    Aarthi, B.
    Shafana, N. Jeenath
    Flavia, Judy
    Chelliah, Balika J.
    [J]. COMPUTATIONAL VISION AND BIO-INSPIRED COMPUTING ( ICCVBIC 2021), 2022, 1420 : 471 - 482
  • [2] Generative Deep Learning to Detect Cyberattacks for the IoT-23 Dataset
    Abdalgawad, N.
    Sajun, A.
    Kaddoura, Y.
    Zualkernan, I. A.
    Aloul, F.
    [J]. IEEE ACCESS, 2022, 10 : 6430 - 6441
  • [3] Allyn B., 2019, 22 TEXAS TOWNS HIT R
  • [4] Altini M., 2015, Dealing with imbalanced data: undersampling, oversampling and proper cross-validation
  • [5] A Survey of Deep Learning Methods for Cyber Security
    Berman, Daniel S.
    Buczak, Anna L.
    Chavis, Jeffrey S.
    Corbett, Cherita L.
    [J]. INFORMATION, 2019, 10 (04)
  • [6] Chollet F., 2017, Deep learning with python
  • [7] Deep Learning Algorithms for Cybersecurity Applications: A Technological and Status Review
    Dixit, Priyanka
    Silakari, Sanjay
    [J]. COMPUTER SCIENCE REVIEW, 2021, 39
  • [8] A Deep Learning Ensemble for Network Anomaly and Cyber-Attack Detection
    Dutta, Vibekananda
    Choras, Michal
    Pawlicki, Marek
    Kozik, Rafal
    [J]. SENSORS, 2020, 20 (16) : 1 - 20
  • [9] DDoSNet: A Deep-Learning Model for Detecting Network Attacks
    Elsayed, Mahmoud Said
    Nhien-An Le-Khac
    Dev, Soumyabrata
    Jurcut, Anca Delia
    [J]. 2020 21ST IEEE INTERNATIONAL SYMPOSIUM ON A WORLD OF WIRELESS, MOBILE AND MULTIMEDIA NETWORKS (IEEE WOWMOM 2020), 2020, : 391 - 396
  • [10] Intrusion Detection System in Smart Home Network Using Bidirectional LSTM and Convolutional Neural Networks Hybrid Model
    Elsayed, Nelly
    Zaghloul, Zaghloul Saad
    Azumah, Sylvia Worlali
    Li, Chengcheng
    [J]. 2021 IEEE INTERNATIONAL MIDWEST SYMPOSIUM ON CIRCUITS AND SYSTEMS (MWSCAS), 2021, : 55 - 58