A Scalable and Hybrid Intrusion Detection System Based on the Convolutional-LSTM Network

Khan, Muhammad Ashfaq; Karim, Rezaul; Kim, Yangwoo

doi:10.3390/sym11040583

Cited by 124 publications

(62 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…A comparative analysis performed on several IDS datasets has proven that IG-PCA-Ensemble method exhibits better performance than the majority of existing approaches. Due to large-scale data produced from a massive network infrastructure, Khan et al [45] proposed a scalable and hybrid IDS, which is based on Spark ML and Convolutional-LSTM (Conv-LSTM) network to employ the anomaly and misuse detection separately. Zhong et al [99] also proposed a new anomaly detection model called HELAD, which is based on the Damped Incremental Statistics algorithm for feature selection and organic integration of multiple deep learning techniques for classification.…”

Section: On Hybrid Approachesmentioning

confidence: 99%

Building an efficient intrusion detection system based on feature selection and ensemble classifier

et al. 2020

View full text Add to dashboard Cite

A B S T R A C T Intrusion detection system (IDS) is one of extensively used techniques in a network topology to safeguard the integrity and availability of sensitive assets in the protected systems. Although many supervised and unsupervised learning approaches from the field of machine learning have been used to increase the efficacy of IDSs, it is still a problem for existing intrusion detection algorithms to achieve good performance. First, lots of redundant and irrelevant data in high-dimensional datasets interfere with the classification process of an IDS. Second, an individual classifier may not perform well in the detection of each type of attacks. Third, many models are built for stale datasets, making them less adaptable for novel attacks. Thus, we propose a new intrusion detection framework in this paper, and this framework is based on the feature selection and ensemble learning techniques. In the first step, a heuristic algorithm called CFS-BA is proposed for dimensionality reduction, which selects the optimal subset based on the correlation between features. Then, we introduce an ensemble approach that combines C4.5, Random Forest (RF), and Forest by Penalizing Attributes (Forest PA) algorithms. Finally, voting technique is used to combine the probability distributions of the base learners for attack recognition. The experimental results, using NSL-KDD, AWID, and CIC-IDS2017 datasets, reveal that the proposed CFS-BA-Ensemble method is able to exhibit better performance than other related and state of the art approaches under several metrics.

show abstract

Section: On Hybrid Approachesmentioning

confidence: 99%

Building an efficient intrusion detection system based on feature selection and ensemble classifier

et al. 2020

View full text Add to dashboard Cite

show abstract

“…Another approach [36] presented a hybrid IDS utilizing spark ML and the convolutional-LSTM network. The ISCX-UNB dataset was used to evaluate the performance of the method.…”

Section: Intrusion Detectionmentioning

confidence: 99%

“…First, the combination of several AI-based techniques in a defense solution may still an interesting research direction. For example, the incorporation of bio-inspired computation and ML/DL approaches shows promising results in malware detection [18][19][20][21][22] or [36][37][38] for detecting the network intrusion. Hence, the combination of these two techniques is a very potential research direction due to the number of bio-inspired algorithms exploited in cybersecurity still being limited.…”

Section: Open Research Directionsmentioning

confidence: 99%

Artificial Intelligence in the Cyber Domain: Offense and Defense

2020

View full text Add to dashboard Cite

Artificial intelligence techniques have grown rapidly in recent years, and their applications in practice can be seen in many fields, ranging from facial recognition to image analysis. In the cybersecurity domain, AI-based techniques can provide better cyber defense tools and help adversaries improve methods of attack. However, malicious actors are aware of the new prospects too and will probably attempt to use them for nefarious purposes. This survey paper aims at providing an overview of how artificial intelligence can be used in the context of cybersecurity in both offense and defense.

show abstract

“…As they usually gain better performance than traditional machine learning models, they became popular methods in this area, although their explanatory capacity is often very limited. Numerous different approaches are used, including both shallow and deep learning methods [2], or a combination of both [3].…”

Section: Related Workmentioning

confidence: 99%

Hierarchical Intrusion Detection Using Machine Learning and Knowledge Model

Sarnovský

Paralič

2020

Symmetry

View full text Add to dashboard Cite

Intrusion detection systems (IDS) present a critical component of network infrastructures. Machine learning models are widely used in the IDS to learn the patterns in the network data and to detect the possible attacks in the network traffic. Ensemble models combining a variety of different machine learning models proved to be efficient in this domain. On the other hand, knowledge models have been explicitly designed for the description of the attacks and used in ontology-based IDS. In this paper, we propose a hierarchical IDS based on the original symmetrical combination of machine learning approach with knowledge-based approach to support detection of existing types and severity of new types of network attacks. Multi-stage hierarchical prediction consists of the predictive models able to distinguish the normal connections from the attacks and then to predict the attack classes and concrete attack types. The knowledge model enables to navigate through the attack taxonomy and to select the appropriate model to perform a prediction on the selected level. Designed IDS was evaluated on a widely used KDD 99 dataset and compared to similar approaches.

show abstract

A Scalable and Hybrid Intrusion Detection System Based on the Convolutional-LSTM Network

Cited by 124 publications

References 37 publications

Building an efficient intrusion detection system based on feature selection and ensemble classifier

Building an efficient intrusion detection system based on feature selection and ensemble classifier

Artificial Intelligence in the Cyber Domain: Offense and Defense

Hierarchical Intrusion Detection Using Machine Learning and Knowledge Model

Contact Info

Product

Resources

About