DL-IDS: Extracting Features Using CNN-LSTM Hybrid Network for Intrusion Detection System

Many studies utilized machine learning schemes to improve network intrusion detection systems recently. Most of the research is based on manually extracted features, but this approach not only requires a lot of labor costs but also loses a lot of information in the original data, resulting in low ju...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	Security and communication networks 2020, Vol.2020 (2020), p.1-11
Hauptverfasser:	Chen, Jinpeng, Lu, Xiangling, Liu, Chenxi, Li, Qi, Liu, Pengju, Sun, Pengfei, Hao, Ruochen
Format:	Artikel
Sprache:	eng
Schlagworte:	Accuracy Algorithms Artificial intelligence Artificial neural networks Behavior Classification Communications traffic Datasets Deep learning False alarms Feature extraction Hybrid systems Internet of Things Intrusion detection systems Machine learning Natural language processing Neural networks Optimization Research methodology Security management Support vector machines
Online-Zugang:	Volltext
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	11
container_issue	2020
container_start_page	1
container_title	Security and communication networks
container_volume	2020
creator	Chen, Jinpeng Lu, Xiangling Liu, Chenxi Li, Qi Liu, Pengju Sun, Pengfei Hao, Ruochen
description	Many studies utilized machine learning schemes to improve network intrusion detection systems recently. Most of the research is based on manually extracted features, but this approach not only requires a lot of labor costs but also loses a lot of information in the original data, resulting in low judgment accuracy and cannot be deployed in actual situations. This paper develops a DL-IDS (deep learning-based intrusion detection system), which uses the hybrid network of Convolutional Neural Network (CNN) and Long Short-Term Memory Network (LSTM) to extract the spatial and temporal features of network traffic data and to provide a better intrusion detection system. To reduce the influence of an unbalanced number of samples of different attack types in model training samples on model performance, DL-IDS used a category weight optimization method to improve the robustness. Finally, DL-IDS is tested on CICIDS2017, a reliable intrusion detection dataset that covers all the common, updated intrusions and cyberattacks. In the multiclassification test, DL-IDS reached 98.67% in overall accuracy, and the accuracy of each attack type was above 99.50%.
doi_str_mv	10.1155/2020/8890306
format	Article
fullrecord	<record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2455785719</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2455785719</sourcerecordid><originalsourceid>FETCH-LOGICAL-c426t-5cc9ad4733034d5f4af15b6490f3e1681e7ab4f9570e03db3a700082f6a37b4c3</originalsourceid><addsrcrecordid>eNqFkE1Lw0AQhhdRsFZvnmXBo8bOfmUTb9IPW4j10Ba8hU2yq6k20d0Ntf_elBQ9epp34JkZ5kHoksAdIUIMKFAYRFEMDMIj1CMxiwMglB7_ZsJP0Zlza4CQcMl76GWUBLPR4h6Pv71VuS-rVzzRyjdWO7xy-3Y4nwfJYvmEp7vMlgWea7-t7Ts2tcWzytvGlXWFR9rrdrxNi53zenOOToz6cPriUPtoNRkvh9MgeX6cDR-SIOc09IHI81gVXDIGjBfCcGWIyEIeg2GahBHRUmXcxEKCBlZkTEkAiKgJFZMZz1kfXXd7P2391Wjn03Xd2Ko9mVIuhIyEbH_vo9uOym3tnNUm_bTlRtldSiDdu0v37tKDuxa_6fC3sirUtvyPvupo3TLaqD-aQhRFwH4AS8V2Bg</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2455785719</pqid></control><display><type>article</type><title>DL-IDS: Extracting Features Using CNN-LSTM Hybrid Network for Intrusion Detection System</title><source>Wiley-Blackwell Open Access Titles</source><source>EZB-FREE-00999 freely available EZB journals</source><source>Alma/SFX Local Collection</source><creator>Chen, Jinpeng ; Lu, Xiangling ; Liu, Chenxi ; Li, Qi ; Liu, Pengju ; Sun, Pengfei ; Hao, Ruochen</creator><contributor>Wu, Huaming ; Huaming Wu</contributor><creatorcontrib>Chen, Jinpeng ; Lu, Xiangling ; Liu, Chenxi ; Li, Qi ; Liu, Pengju ; Sun, Pengfei ; Hao, Ruochen ; Wu, Huaming ; Huaming Wu</creatorcontrib><description>Many studies utilized machine learning schemes to improve network intrusion detection systems recently. Most of the research is based on manually extracted features, but this approach not only requires a lot of labor costs but also loses a lot of information in the original data, resulting in low judgment accuracy and cannot be deployed in actual situations. This paper develops a DL-IDS (deep learning-based intrusion detection system), which uses the hybrid network of Convolutional Neural Network (CNN) and Long Short-Term Memory Network (LSTM) to extract the spatial and temporal features of network traffic data and to provide a better intrusion detection system. To reduce the influence of an unbalanced number of samples of different attack types in model training samples on model performance, DL-IDS used a category weight optimization method to improve the robustness. Finally, DL-IDS is tested on CICIDS2017, a reliable intrusion detection dataset that covers all the common, updated intrusions and cyberattacks. In the multiclassification test, DL-IDS reached 98.67% in overall accuracy, and the accuracy of each attack type was above 99.50%.</description><identifier>ISSN: 1939-0114</identifier><identifier>EISSN: 1939-0122</identifier><identifier>DOI: 10.1155/2020/8890306</identifier><language>eng</language><publisher>Cairo, Egypt: Hindawi Publishing Corporation</publisher><subject>Accuracy ; Algorithms ; Artificial intelligence ; Artificial neural networks ; Behavior ; Classification ; Communications traffic ; Datasets ; Deep learning ; False alarms ; Feature extraction ; Hybrid systems ; Internet of Things ; Intrusion detection systems ; Machine learning ; Natural language processing ; Neural networks ; Optimization ; Research methodology ; Security management ; Support vector machines</subject><ispartof>Security and communication networks, 2020, Vol.2020 (2020), p.1-11</ispartof><rights>Copyright © 2020 Pengfei Sun et al.</rights><rights>Copyright © 2020 Pengfei Sun et al. This is an open access article distributed under the Creative Commons Attribution License (the “License”), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. http://creativecommons.org/licenses/by/4.0</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c426t-5cc9ad4733034d5f4af15b6490f3e1681e7ab4f9570e03db3a700082f6a37b4c3</citedby><cites>FETCH-LOGICAL-c426t-5cc9ad4733034d5f4af15b6490f3e1681e7ab4f9570e03db3a700082f6a37b4c3</cites><orcidid>0000-0003-4157-5110</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,4024,27923,27924,27925</link.rule.ids></links><search><contributor>Wu, Huaming</contributor><contributor>Huaming Wu</contributor><creatorcontrib>Chen, Jinpeng</creatorcontrib><creatorcontrib>Lu, Xiangling</creatorcontrib><creatorcontrib>Liu, Chenxi</creatorcontrib><creatorcontrib>Li, Qi</creatorcontrib><creatorcontrib>Liu, Pengju</creatorcontrib><creatorcontrib>Sun, Pengfei</creatorcontrib><creatorcontrib>Hao, Ruochen</creatorcontrib><title>DL-IDS: Extracting Features Using CNN-LSTM Hybrid Network for Intrusion Detection System</title><title>Security and communication networks</title><description>Many studies utilized machine learning schemes to improve network intrusion detection systems recently. Most of the research is based on manually extracted features, but this approach not only requires a lot of labor costs but also loses a lot of information in the original data, resulting in low judgment accuracy and cannot be deployed in actual situations. This paper develops a DL-IDS (deep learning-based intrusion detection system), which uses the hybrid network of Convolutional Neural Network (CNN) and Long Short-Term Memory Network (LSTM) to extract the spatial and temporal features of network traffic data and to provide a better intrusion detection system. To reduce the influence of an unbalanced number of samples of different attack types in model training samples on model performance, DL-IDS used a category weight optimization method to improve the robustness. Finally, DL-IDS is tested on CICIDS2017, a reliable intrusion detection dataset that covers all the common, updated intrusions and cyberattacks. In the multiclassification test, DL-IDS reached 98.67% in overall accuracy, and the accuracy of each attack type was above 99.50%.</description><subject>Accuracy</subject><subject>Algorithms</subject><subject>Artificial intelligence</subject><subject>Artificial neural networks</subject><subject>Behavior</subject><subject>Classification</subject><subject>Communications traffic</subject><subject>Datasets</subject><subject>Deep learning</subject><subject>False alarms</subject><subject>Feature extraction</subject><subject>Hybrid systems</subject><subject>Internet of Things</subject><subject>Intrusion detection systems</subject><subject>Machine learning</subject><subject>Natural language processing</subject><subject>Neural networks</subject><subject>Optimization</subject><subject>Research methodology</subject><subject>Security management</subject><subject>Support vector machines</subject><issn>1939-0114</issn><issn>1939-0122</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2020</creationdate><recordtype>article</recordtype><sourceid>RHX</sourceid><sourceid>ABUWG</sourceid><sourceid>AFKRA</sourceid><sourceid>AZQEC</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><sourceid>GNUQQ</sourceid><recordid>eNqFkE1Lw0AQhhdRsFZvnmXBo8bOfmUTb9IPW4j10Ba8hU2yq6k20d0Ntf_elBQ9epp34JkZ5kHoksAdIUIMKFAYRFEMDMIj1CMxiwMglB7_ZsJP0Zlza4CQcMl76GWUBLPR4h6Pv71VuS-rVzzRyjdWO7xy-3Y4nwfJYvmEp7vMlgWea7-t7Ts2tcWzytvGlXWFR9rrdrxNi53zenOOToz6cPriUPtoNRkvh9MgeX6cDR-SIOc09IHI81gVXDIGjBfCcGWIyEIeg2GahBHRUmXcxEKCBlZkTEkAiKgJFZMZz1kfXXd7P2391Wjn03Xd2Ko9mVIuhIyEbH_vo9uOym3tnNUm_bTlRtldSiDdu0v37tKDuxa_6fC3sirUtvyPvupo3TLaqD-aQhRFwH4AS8V2Bg</recordid><startdate>2020</startdate><enddate>2020</enddate><creator>Chen, Jinpeng</creator><creator>Lu, Xiangling</creator><creator>Liu, Chenxi</creator><creator>Li, Qi</creator><creator>Liu, Pengju</creator><creator>Sun, Pengfei</creator><creator>Hao, Ruochen</creator><general>Hindawi Publishing Corporation</general><general>Hindawi</general><general>Hindawi Limited</general><scope>ADJCN</scope><scope>AHFXO</scope><scope>RHU</scope><scope>RHW</scope><scope>RHX</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>8FD</scope><scope>8FE</scope><scope>8FG</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>ARAPS</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>GNUQQ</scope><scope>HCIFZ</scope><scope>JQ2</scope><scope>K7-</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>P5Z</scope><scope>P62</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><orcidid>https://orcid.org/0000-0003-4157-5110</orcidid></search><sort><creationdate>2020</creationdate><title>DL-IDS: Extracting Features Using CNN-LSTM Hybrid Network for Intrusion Detection System</title><author>Chen, Jinpeng ; Lu, Xiangling ; Liu, Chenxi ; Li, Qi ; Liu, Pengju ; Sun, Pengfei ; Hao, Ruochen</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c426t-5cc9ad4733034d5f4af15b6490f3e1681e7ab4f9570e03db3a700082f6a37b4c3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2020</creationdate><topic>Accuracy</topic><topic>Algorithms</topic><topic>Artificial intelligence</topic><topic>Artificial neural networks</topic><topic>Behavior</topic><topic>Classification</topic><topic>Communications traffic</topic><topic>Datasets</topic><topic>Deep learning</topic><topic>False alarms</topic><topic>Feature extraction</topic><topic>Hybrid systems</topic><topic>Internet of Things</topic><topic>Intrusion detection systems</topic><topic>Machine learning</topic><topic>Natural language processing</topic><topic>Neural networks</topic><topic>Optimization</topic><topic>Research methodology</topic><topic>Security management</topic><topic>Support vector machines</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Chen, Jinpeng</creatorcontrib><creatorcontrib>Lu, Xiangling</creatorcontrib><creatorcontrib>Liu, Chenxi</creatorcontrib><creatorcontrib>Li, Qi</creatorcontrib><creatorcontrib>Liu, Pengju</creatorcontrib><creatorcontrib>Sun, Pengfei</creatorcontrib><creatorcontrib>Hao, Ruochen</creatorcontrib><collection>الدوريات العلمية والإحصائية - e-Marefa Academic and Statistical Periodicals</collection><collection>معرفة - المحتوى العربي الأكاديمي المتكامل - e-Marefa Academic Complete</collection><collection>Hindawi Publishing Complete</collection><collection>Hindawi Publishing Subscription Journals</collection><collection>Hindawi Publishing Open Access Journals</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics & Communications Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>Advanced Technologies & Aerospace Collection</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>ProQuest Central Student</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Computer Science Collection</collection><collection>Computer Science Database</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>Advanced Technologies & Aerospace Database</collection><collection>ProQuest Advanced Technologies & Aerospace Collection</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><jtitle>Security and communication networks</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Chen, Jinpeng</au><au>Lu, Xiangling</au><au>Liu, Chenxi</au><au>Li, Qi</au><au>Liu, Pengju</au><au>Sun, Pengfei</au><au>Hao, Ruochen</au><au>Wu, Huaming</au><au>Huaming Wu</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>DL-IDS: Extracting Features Using CNN-LSTM Hybrid Network for Intrusion Detection System</atitle><jtitle>Security and communication networks</jtitle><date>2020</date><risdate>2020</risdate><volume>2020</volume><issue>2020</issue><spage>1</spage><epage>11</epage><pages>1-11</pages><issn>1939-0114</issn><eissn>1939-0122</eissn><abstract>Many studies utilized machine learning schemes to improve network intrusion detection systems recently. Most of the research is based on manually extracted features, but this approach not only requires a lot of labor costs but also loses a lot of information in the original data, resulting in low judgment accuracy and cannot be deployed in actual situations. This paper develops a DL-IDS (deep learning-based intrusion detection system), which uses the hybrid network of Convolutional Neural Network (CNN) and Long Short-Term Memory Network (LSTM) to extract the spatial and temporal features of network traffic data and to provide a better intrusion detection system. To reduce the influence of an unbalanced number of samples of different attack types in model training samples on model performance, DL-IDS used a category weight optimization method to improve the robustness. Finally, DL-IDS is tested on CICIDS2017, a reliable intrusion detection dataset that covers all the common, updated intrusions and cyberattacks. In the multiclassification test, DL-IDS reached 98.67% in overall accuracy, and the accuracy of each attack type was above 99.50%.</abstract><cop>Cairo, Egypt</cop><pub>Hindawi Publishing Corporation</pub><doi>10.1155/2020/8890306</doi><tpages>11</tpages><orcidid>https://orcid.org/0000-0003-4157-5110</orcidid><oa>free_for_read</oa></addata></record>
fulltext	fulltext
identifier	ISSN: 1939-0114
ispartof	Security and communication networks, 2020, Vol.2020 (2020), p.1-11
issn	1939-0114 1939-0122
language	eng
recordid	cdi_proquest_journals_2455785719
source	Wiley-Blackwell Open Access Titles; EZB-FREE-00999 freely available EZB journals; Alma/SFX Local Collection
subjects	Accuracy Algorithms Artificial intelligence Artificial neural networks Behavior Classification Communications traffic Datasets Deep learning False alarms Feature extraction Hybrid systems Internet of Things Intrusion detection systems Machine learning Natural language processing Neural networks Optimization Research methodology Security management Support vector machines
title	DL-IDS: Extracting Features Using CNN-LSTM Hybrid Network for Intrusion Detection System
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-05T09%3A30%3A07IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=DL-IDS:%20Extracting%20Features%20Using%20CNN-LSTM%20Hybrid%20Network%20for%20Intrusion%20Detection%20System&rft.jtitle=Security%20and%20communication%20networks&rft.au=Chen,%20Jinpeng&rft.date=2020&rft.volume=2020&rft.issue=2020&rft.spage=1&rft.epage=11&rft.pages=1-11&rft.issn=1939-0114&rft.eissn=1939-0122&rft_id=info:doi/10.1155/2020/8890306&rft_dat=%3Cproquest_cross%3E2455785719%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2455785719&rft_id=info:pmid/&rfr_iscdi=true