Intrusion Detection Systems (IDS) are essential for computer security, with various techniques developed over time. However, many of these methods suffer from high false positive rates. To address this, we propose an approach utilizing Recurrent Neural Networks (RNN). Our method starts by reducing the dataset’s dimensionality using a Deep Auto-Encoder (DAE), followed by intrusion detection through a Bidirectional Long Short-Term Memory (BiLSTM) network. The proposed DAE-BiLSTM model outperforms Random Forest, AdaBoost, and standard BiLSTM models, achieving an accuracy of 0.97, a recall of 0.95, and an AUC of 0.93. Although BiLSTM is slightly less effective than DAE-BiLSTM, both RNN-based models outperform AdaBoost and Random Forest. ROC curves show that DAE-BiLSTM is the most effective, demonstrating strong detection capabilities with a low false positive rate. While AdaBoost performs well, it is less effective than RNN models but still surpasses Random Forest.