A Hierarchical Intrusion Detection Model Combining Multiple Deep Learning Models With Attention Mechanism

In order to ensure the security of computer systems and networks, it is very important to design and implement intrusion detection systems that can detect and mitigate network attacks and threats. Deep learning has great advantages in processing complex, high-dimensional and large-scale traffic data...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:IEEE access Ročník 11; s. 1
Hlavní autori: Xu, Hongsheng, Sun, Libo, Fan, Ganglong, Li, Wanxing, Kuang, Guofang
Médium: Journal Article
Jazyk:English
Vydavateľské údaje: Piscataway IEEE 01.01.2023
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Predmet:
Accuracy
Attention Mechanism
Bi-directional long short-term memory(BiLSTM)
Classification
Communications traffic
Convolution Neural Network(CNN)
Deep learning
Intrusion Detection System (IDS)
Intrusion detection systems
Machine learning
Spatial data
Stacked Convolutional Denoising Autoencoders(SCDAE)
Traffic information
ISSN:2169-3536, 2169-3536
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:In order to ensure the security of computer systems and networks, it is very important to design and implement intrusion detection systems that can detect and mitigate network attacks and threats. Deep learning has great advantages in processing complex, high-dimensional and large-scale traffic data. Therefore, intrusion detection system based on deep learning method has better detection effect. Through the analysis of the research status, this paper finds that there are some problems in the existing intrusion detection system. To solve the problems of low detection accuracy, structure to be optimized and high false positive rate, this paper presents a hierarchical intrusion detection model which combines multiple deep learning models with attention mechanism. The advantages of this hierarchical model include: Firstly, the SCDAE model is used to extract the features of traffic data and reduce noise; Secondly, CNN is used to extract spatial features of network traffic data from the spatial dimension; Thirdly, BiLSTM is able to fully consider the relationship between the front and back features, so that the temporal features of network traffic data can be mined; Fourthly, a Self-Attention mechanism is added to weight the output of each time step to sum up and retain the important information in it. Thus, a CNN-BiLSTM-Attention model is constructed; Finally, the Softmax classifier is used to obtain the classification results. To verify the effectiveness of the proposed model, four time-sensitive and representative datasets are selected for experiments and five classical detection models are compared in this paper. The experimental results show that the classification accuracy of the proposed model reaches 93.26 % and the false positive rate reaches 7.53%.
Bibliografia:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2023.3290613