Improving network security through deep learning RNN approach

Cover Page

Cite item

Full Text

Open Access Open Access
Restricted Access Access granted
Restricted Access Subscription or Fee Access

Abstract

Subject of the Study. This article explores the use of Recurrent Neural Networks (RNN), Long Short-Term Memory (LSTM) networks, to improve the effectiveness of Intrusion Detection Systems (IDS). The study emphasizes the work of optimizers to enhance the accuracy of detecting network attacks and provides a comparative analysis of various optimization algorithms using the NSL-KDD dataset. Method. The article proposes an RNN-LSTM-based approach for detecting intrusions in network traffic. Seven different optimization algorithms were evaluated, including Adamax, SGD, Adagrad, Adam, RMSprop, Nadam, and Adadelta. The method involves a comparative analysis of their performance with varying hidden layer sizes. Main Results. The experiment methodology included training the RNN-LSTM model with hidden layer sizes ranging from 50 to 100 over 500 epochs. The Adamax optimizer achieved the highest accuracy of 99.79%, while Adadelta had the lowest accuracy at 97.29%. Additionally, SGD demonstrated the best True Positive Rate (TPR), while Adamax showed the lowest False Alarm Rate (FAR). The study evaluated metrics such as accuracy, TPR, FAR, precision, and F1-score, with Adamax standing out for its overall performance. Practical Significance. The article is relevant to professionals in the fields of cybersecurity, network security, and IDS development. This article provides valuable insights for enhancing IDS configurations to improve the detection and mitigation of network intrusions.

Full Text

Restricted Access

About the authors

Mokhalad Mohsin Abdulhasan Al-Tameemi

Saint Petersburg State Electrotechnical University “LETI”

Author for correspondence.
Email: Almokhalad44@gmail.com
ORCID iD: 0009-0005-5316-1689

postgraduate, Department of Information Security

Russian Federation, Saint Petersburg

Abbas Ali Hasan Alzaghir

Moscow Technical University of Communications and Informatics

Email: a.a.h.alzagi@mtuci.ru
ORCID iD: 0000-0003-2937-9934
SPIN-code: 3338-3350

Cand. Sci. (Eng.); associate professor, Department of Fixed-line Communication Networks and Systems

Russian Federation, Moscow

References

  1. Roesch M. Snort: Lightweight intrusion detection for networks. In: Proceedings of LISA’99: 13th Systems Administration Conference. Berkeley, CA: USENIX Association, 1999. Vol. 99. No. 1. Pp. 229–238.
  2. Sowmya T., Anita E.M. A comprehensive review of AI based intrusion detection system. Measurement: Sensors. 2023. Vol. 28. P. 100827. doi: 10.1016/j.measen.2023.100827.
  3. Sasi T., Lashkari A.H., Lu R. et al. A comprehensive survey on IoT attacks: Taxonomy, detection mechanisms and challenges. Journal of Information and Intelligence. 2023. Vol. 2. Issue 6. Pp. 455–513. doi: 10.1016/j.jiixd.2023.12.001.
  4. Javaid A., Niyaz Q., Weiqing Sun, Alam M. A deep learning approach for network intrusion detection system. In: Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies. Brussels, Belgium: ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering), 2016. No. 3 (9). Pp. 21–26. doi: 10.4108/eai.3-12-2015.2262516.
  5. Amutha S., Kavitha R., Srinivasan R., Kavitha M. Secure network intrusion detection system using NID-RNN based Deep Learning. In: International Conference on Advances in Computing, Communication and Applied Informatics (ACCAI). IEEE (Institute of Electrical and Electronics Engineers), 2022. Pp. 1–5. doi: 10.1109/ACCAI53970.2022.9752526.
  6. Zhang Jielun, Fuhao Li, Feng Ye. An ensemble-based network intrusion detection scheme with bayesian deep learning. In: International Conference on Communications (ICC). IEEE, 2020. Pp. 1–6. doi: 10.1109/ICC40277.2020.9149402.
  7. Shawq M.M., Soukaena H.H. Proposed network intrusion detection system‎ in cloud environment based on back‎ propagation neural network. Journal of Babylon University (Pure and Applied Sciences). 2018. No. 1. Vol. 26. Pp. 29–40. doi: 10.29196/jub.v26i1.351.
  8. Septiadi Jaka, Budi Warsito, Adi Wibowo. Human activity prediction using long short term memory. In: 5th International Conference on Energy, Environmental and Information System (ICENIS 2020). E3S Web of Conferences. 2020. Vol. 202. Art. 15008. doi: 10.1051/e3sconf/202020215008.
  9. Nicholas J., Qing Tan, Villar J.R. A review of anomaly detection strategies to detect threats to cyber-physical systems. Electronics. 2023. No. 12 (15). P. 3283. doi: 10.3390/electronics12153283.
  10. Staudemeyer R.C. Applying long short-term memory recurrent neural networks to intrusion detection. South African Computer Journal. 2015. Vol. 56. Pp. 136–154. DOI: https://doi.org/10.18489/sacj.v56i1.248.
  11. Acharya T., Annamalai A., Chouikha M.F. Efficacy of CNN-Bidirectional LSTM hybrid model for network-based anomaly detection. In: 13th Symposium on Computer Applications & Industrial Electronics (ISCAIE). IEEE, 2023. Pp. 348–353. doi: 10.1109/ISCAIE57739.2023.10165088.
  12. Parhizkari S. Anomaly detection in intrusion detection systems. IntechOpen. 2023. doi: 10.5772/intechopen.112733.
  13. Javaid A., Quamar N., Weiqing S., Mansoor A. A deep learning approach for network intrusion detection system. In: Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies (formerly BIONETICS). Brussels, Belgium: ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering), 2016. Pp. 21–26. doi: 10.4108/eai.3-12-2015.2262516.
  14. Yong Yu, Xiaosheng Si, Changhua Hu, Jianxun Zhang. A review of recurrent neural networks: LSTM cells and network architectures. Neural Computation. 2019. Vol. 31. No. 7. Pp. 1235–1270. doi: 10.1162/neco_a_01199.
  15. Changhui Jiang, Shuai Chen, Yuwei Chen. et al. A MEMS IMU de-noising method using long short-term memory recurrent neural networks (LSTM-RNN). Sensors. 2018. Vol. 18. No. 10. P. 3470. doi: 10.3390/s18103470.
  16. Smagulova K., Alex P.J. A survey on LSTM memristive neural network architectures and applications. The European Physical Journal Special Topics. 2019. Vol. 228. Pp. 2313–2324. doi: 10.1140/epjst/e2019-900046-x.
  17. Hochreiter Sepp, Jürgen Schmidhuber. Long short-term memory. Neural Computation. 1997. Vol. 9. No. 8. Pp. 1735–1780. doi: 10.1162/neco.1997.9.8.1735.
  18. Wang Yan, Kun Yang, Xiang Jing, Huang Long Jin. Problems of kdd cup 99 dataset existed and data preprocessing. Applied Mechanics and Materials. 2014. Vol. 667. Pp. 218–225. doi: 10.4028/ href='www.scientific.net/AMM.667.218' target='_blank'>www.scientific.net/AMM.667.218.
  19. Rajesh T., Pavithran D. A survey of intrusion detection models based on NSL-KDD data set. In: Fifth HCT Information Technology Trends (ITT). IEEE, 2018. Pp. 286–291. doi: 10.1109/CTIT.2018.8649498.
  20. Yuliana Yu., Supriyadi Dh.H., Fahlevi M.R., Arisagas M.R. Analysis of NSL-KDD for the implementation of machine learning in network intrusion detection system. Journal of Informatics Information System Software Engineering and Applications (INISTA). 2024. Vol. 6. No. 2. Pp. 80–89. doi: 10.20895/inista.v6i2.1389.
  21. Mohammed Z., AlQahtani S.A., Alawwad A.M., Alotaibi A.A. Intrusion detection system with customized machine learning techniques for NSL-KDD dataset. Computers, Materials & Continua. 2023. Vol. 77. No. 3. Pp. 4025–4054. doi: 10.32604/cmc.2023.043752.
  22. Pandey Sushant Kumar. Design and performance analysis of various feature selection methods for anomaly‐based techniques in intrusion detection system. Security and Privacy. 2019. Vol. 2. No. 2. doi: 10.1002/spy2.56.
  23. Jaw Ebrima, Xueming Wang. Feature selection and ensemble-based intrusion detection system: An efficient and comprehensive approach. Symmetry. 2021. Vol. 13. No. 10. P. 1764. doi: 10.3390/sym13101764.
  24. Koryshev N., Hodashinsky I., Shelupanov A. Building a fuzzy classifier based on whale optimization algorithm to detect network intrusions. Symmetry. 2021. Vol. 13. No. 7. P. 1211. doi: 10.3390/sym13071211.
  25. Riyadi Andri Agung, Fachri Amsury, Tiska Pattiasina, Jupriyanto Jupriyanto. Comparative analysis of the k-nearest neighbor algorithm on various intrusion detection datasets. Jurnal Riset Informatika. 2021. Vol. 4. No. 1 Pp. 127–132. doi: 10.34288/jri.v4i1.341.
  26. Hochreiter S. Long short-term memory. Neural. Computation. 1997. Vol. 9. No. 8. Pp. 1735–1780. doi: 10.1162/neco.1997.9.8.1735.

Supplementary files

Supplementary Files
Action
1. JATS XML
Download
2. Fig. 1. LSTM cell architecture

Download (114KB)
Indexing metadata
3. Fig. 2. Proposal model

Download (234KB)
Indexing metadata
4. Fig. 3. Implementation model

Download (133KB)
Indexing metadata
5. Fig. 4. Model accuracy for different hidden layers with seven optimizers

Download (134KB)
Indexing metadata
6. Fig. 5. Classification performance of the model

Download (237KB)
Indexing metadata