Long Short-Term Memory (LSTM) Deep Learning Method for Intrusion Detection in Network Security

Shende, Supriya; Thorat, Samrat

doi:10.17577/ijertv9is061016

Cited by 13 publications

(3 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The authors of [23] proposed to get an accuracy of 98.68% and 98.95%, respectively, by employing an RNN and a DNN. Additionally, the authors of [24] suggested LSTM, which achieves 96.9% accuracy.…”

Section: Related Workmentioning

confidence: 99%

RETRACTED: Enhancing Multi-Class Intrusion Detection through Hybrid Auto Encoder-Deep Neural Network Classifiers: A Comprehensive Analysis of Class Imbalance Mitigation Strategies Using Data Resampling Techniques

Kamal,

Mashaly

2024

Preprint

View full text Add to dashboard Cite

Network and cloud environments must be fortified against a dynamic array of threats, and intrusion detection systems (IDSs) are critical tools for identifying and foiling hostile efforts. Systems for detecting intrusions, classified as anomaly-based or signature-based, have added deep learning models to their repertoire. A significant change has occurred in these systems recently. For the popular anomaly-based intrusion detection system (IDS), which leverages machine learning, attack detection accuracy has shown to be outstanding. We demonstrate with our proposed method that deep learning has enabled unprecedented success in identifying known and unknown threats within cloud systems. However, the intrusion detection benchmark datasets contain more regular traffic samples than attack samples, attempting to replicate real-network traffic. It becomes more challenging for the IDS to recognize specific kinds of attacks as a result, leading to an imbalance in the training data. Our problems thus stem from two factors: unbalanced training data and new, unidentified threats. For an efficient multi-class intrusion detection system, we offer in this paper a hybrid auto encoder-deep neural network (Auto Encoder-DNN) deep learning model that leverages data resampling adaptive synthetic (ADASYN), edited nearest neighbors (ENN) and class weights to get over class imbalance. This advanced technique, Auto Encoder-DNN, focuses on three primary objectives to increase accuracy and performance: 1) lowering the frequencies of false positives and negatives; 2) allowing real-time intrusion detection on fast networks; and 3) detecting zero-day attacks. We evaluate our proposed model Auto Encoder-DNN using the benchmark dataset NSL-KDD, utilizing metrics like as accuracy, precision, recall, and F-score. With an astounding 99.91% accuracy in multi-class classification, the test results show how successful our method is. This proves our IDS's enhanced capacity to defend cloud settings against intrusions by outperforming existing models.

show abstract

Section: Related Workmentioning

confidence: 99%

RETRACTED: Enhancing Multi-Class Intrusion Detection through Hybrid Auto Encoder-Deep Neural Network Classifiers: A Comprehensive Analysis of Class Imbalance Mitigation Strategies Using Data Resampling Techniques

Kamal,

Mashaly

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…For one LSTM cell, at time step t, the forget, input and output gates are represented by i t , O t , f t , respectively, as shown in Fig 1 which discussed before in [ 47 ]. Forget gate decides which information will be deleted from the cell state based on and x t .…”

Section: Preliminary Workmentioning

confidence: 99%

An improved long short term memory network for intrusion detection

Awad,

Ali,

Gaber

2023

PLoS ONE

View full text Add to dashboard Cite

Over the years, intrusion detection system has played a crucial role in network security by discovering attacks from network traffics and generating an alarm signal to be sent to the security team. Machine learning methods, e.g., Support Vector Machine, K Nearest Neighbour, have been used in building intrusion detection systems but such systems still suffer from low accuracy and high false alarm rate. Deep learning models (e.g., Long Short-Term Memory, LSTM) have been employed in designing intrusion detection systems to address this issue. However, LSTM needs a high number of iterations to achieve high performance. In this paper, a novel, and improved version of the Long Short-Term Memory (ILSTM) algorithm was proposed. The ILSTM is based on the novel integration of the chaotic butterfly optimization algorithm (CBOA) and particle swarm optimization (PSO) to improve the accuracy of the LSTM algorithm. The ILSTM was then used to build an efficient intrusion detection system for binary and multi-class classification cases. The proposed algorithm has two phases: phase one involves training a conventional LSTM network to get initial weights, and phase two involves using the hybrid swarm algorithms, CBOA and PSO, to optimize the weights of LSTM to improve the accuracy. The performance of ILSTM and the intrusion detection system were evaluated using two public datasets (NSL-KDD dataset and LITNET-2020) under nine performance metrics. The results showed that the proposed ILSTM algorithm outperformed the original LSTM and other related deep-learning algorithms regarding accuracy and precision. The ILSTM achieved an accuracy of 93.09% and a precision of 96.86% while LSTM gave an accuracy of 82.74% and a precision of 76.49%. Also, the ILSTM performed better than LSTM in both datasets. In addition, the statistical analysis showed that ILSTM is more statistically significant than LSTM. Further, the proposed ISTLM gave better results of multiclassification of intrusion types such as DoS, Prob, and U2R attacks.

show abstract

“…A big problem for intrusion detection systems is dealing with harmful software that can cause network security issues and serious problems [2][3][4]. Cyber-attacks are becoming more complex, making it harder to identify new types of malicious software that aim to steal important information and avoid detection via intrusion detection systems.…”

Section: Introductionmentioning

confidence: 99%

An Optimized Hybrid Deep Intrusion Detection Model (HD-IDM) for Enhancing Network Security

Ahmad,

Imran,

Qayyum

et al. 2023

Mathematics

View full text Add to dashboard Cite

Detecting cyber intrusions in network traffic is a tough task for cybersecurity. Current methods struggle with the complexity of understanding patterns in network data. To solve this, we present the Hybrid Deep Learning Intrusion Detection Model (HD-IDM), a new way that combines GRU and LSTM classifiers. GRU is good at catching quick patterns, while LSTM handles long-term ones. HD-IDM blends these models using weighted averaging, boosting accuracy, especially with complex patterns. We tested HD-IDM on four datasets: CSE-CIC-IDS2017, CSE-CIC-IDS2018, NSL KDD, and CIC-DDoS2019. The HD-IDM classifier achieved remarkable performance metrics on all datasets. It attains an outstanding accuracy of 99.91%, showcasing its consistent precision across the dataset. With an impressive precision of 99.62%, it excels in accurately categorizing positive cases, crucial for minimizing false positives. Additionally, maintaining a high recall of 99.43%, it effectively identifies the majority of actual positive cases while minimizing false negatives. The F1-score of 99.52% emphasizes its robustness, making it the top choice for classification tasks requiring precision and reliability. It is particularly good at ROC and precision/recall curves, discriminating normal and harmful network activities. While HD-IDM is promising, it has limits. It needs labeled data and may struggle with new intrusion methods. Future work should find ways to handle unlabeled data and adapt to emerging threats. Also, making HD-IDM work faster for real-time use and dealing with scalability challenges is key for its broader use in changing network environments.

show abstract

Long Short-Term Memory (LSTM) Deep Learning Method for Intrusion Detection in Network Security

Cited by 13 publications

References 5 publications

RETRACTED: Enhancing Multi-Class Intrusion Detection through Hybrid Auto Encoder-Deep Neural Network Classifiers: A Comprehensive Analysis of Class Imbalance Mitigation Strategies Using Data Resampling Techniques

RETRACTED: Enhancing Multi-Class Intrusion Detection through Hybrid Auto Encoder-Deep Neural Network Classifiers: A Comprehensive Analysis of Class Imbalance Mitigation Strategies Using Data Resampling Techniques

An improved long short term memory network for intrusion detection

An Optimized Hybrid Deep Intrusion Detection Model (HD-IDM) for Enhancing Network Security

Contact Info

Product

Resources

About