research-article

Leveraging LSTM-RNN combined with SVM for Network Intrusion Detection

Authors:

Shweta Patidar,

Meenakshi Tripathi,

Subham Kumar GuptaAuthors Info & Claims

DSMLAI '21': Proceedings of the International Conference on Data Science, Machine Learning and Artificial Intelligence

Pages 26 - 31

https://doi.org/10.1145/3484824.3484908

Published: 13 January 2022 Publication History

Abstract

Abstract---Computer networks and their applications have changed the daily aspects of human life considerably be it business, entertainment, work or travelling aspects. However, this dependency on computer networks has also made the networks prone to various attacks. Therefore, it becomes very important to secure the network from any type of suspicious activity. In place of securing each system individually, we can provide security solutions to network traffic data. The concepts of Deep Learning and Machine Learning have been effectively used in the fields of image processing, pattern recognition, NLP, etc. Considering the advantages of these concepts and the sequential nature of traffic data, we have proposed a solution for detecting intrusions in the computer network traffic using one of the Deep Learning approach called Long Short-Term Memory(LSTM). The proposed model makes use of LSTM combined with the loss function of SVM to detect intrusion in Kyoto University Honeypot Network Traffic Data. With an accuracy of 97.10%, true positive rate of a 98.50% and a false positive rate of 5.21%, the proposed LSTM model outperforms other existing models in detecting intrusions over Kyoto University Dataset.

References

[1]

H.-J. Liao, C.-H. R. Lin, Y.-C. Lin, and K.-Y. Tung, "Intrusion detection system: A comprehensive review," Journal of Network and Computer Applications, vol. 36, no. 1, pp. 16--24. 2013.

Digital Library

[2]

E. Beqiri, "Neural networks for intrusion detection systems," in Global Security, Safety, and Sustainability (H. Jahankhani, A. G. Hessami, and F. Hsu, eds.), (Berlin, Heidelberg), pp. 156--165. Springer Berlin Heidelberg, 2009.

[3]

H. Liu and B. Lang, "Machine learning and deep learning methods for intrusion detection systems: A survey," Applied Sciences, vol. 9, no. 20, p. 4396, 2019.

[4]

P. Amudha, S. Karthik, and S. Sivakumari, "Classification techniques for intrusion detection-an overview," International Journal of Computer Applications, vol. 76, no. 16, 2013.

[5]

C.-F. Tsai, Y.-F. Hsu, C.-Y. Lin, and W.-Y. Lin, "Intrusion detection by machine learning: A review," expert systems with applications, vol. 36, no. 10, pp. 11994--12000. 2009.

[6]

S. Hochreiter and J. Schmidhuber, "Lstm can solve hard long time lag problems," in Advances in neural information processing systems, pp. 473--479. 1997.

[7]

H. Liu and B. Lang, "Machine learning and deep learning methods for intrusion detection systems: A survey," Applied Sciences, vol. 9, no. 20, p. 4396, 2019.

[8]

P. Amudha, S. Karthik, and S. Sivakumari, "Classification techniques for intrusion detection-an overview," International Journal of Computer Applications, vol. 76, no. 16, 2013.

[9]

R. Doshi, N. Apthorpe, and N. Feamster, "Machine learning ddos detection for consumer internet of things devices," in 2018 IEEE Security and Privacy Workshops (SPW), pp. 29--35. IEEE, 2018.

[10]

A. F. M. Agarap, "A neural network architecture combining gated recurrent unit (gru) and support vector machine (svm) for intrusion detection in network traffic data," in Proceedings of the 2018 10th International Conference on Machine Learning and Computing, pp. 26--30. 2018.

[11]

J. Kim, J. Kim, H. L. T. Thu, and H. Kim, "Long short term memory recur- rent neural network classifier for intrusion detection," in 2016 International Conference on Platform Technology and Service (PlatCon), pp. 1--5. IEEE, 2016.

[12]

S. M. Othman, F. M. Ba-Alwi, N. T. Alsohybe, and A. Y. Al-Hashida, "Intrusion detection model using machine learning algorithm on big data environment," Journal of Big Data, vol. 5, no. 1, p. 34, 2018.

[13]

C. Xu, J. Shen, X. Du, and F. Zhang, "An intrusion detection system using a deep neural network with gated recurrent units," IEEE Access, vol. 6, pp. 48697--48707. 2018.

[14]

Y. Hao, Y. Sheng, and J. Wang, "Variant gated recurrent units with encoders to preprocess packets for payload-aware intrusion detection," IEEE Access, vol. 7, pp. 49985--49998. 2019.

[15]

H. Gwon, C. Lee, R. Keum, and H. Choi, "Network intrusion detection based on lstm and feature embedding," arXiv preprint arXiv:1911.11552, 2019.

[16]

J. Li, Y. Liu, and L. Gu, "Ddos attack detection based on neural network," in 2010 2nd International Symposium on Aware Computing, pp. 196--199. IEEE, 2010.

[17]

M. Manavi and Y. Zhang, "A new intrusion detection system based on gated recurrent unit (gru) and genetic algorithm," in International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage, pp. 368--383. Springer, 2019.

[18]

Y. Fu, F. Lou, F. Meng, Z. Tian, H. Zhang, and F. Jiang, "An intelligent network attack detection method based on rnn," in 2018 IEEE Third In- ternational Conference on Data Science in Cyberspace (DSC), pp. 483--489. IEEE, 2018.

[19]

A. Elsherif et al., "Automatic intrusion detection system using deep recurrent neural network paradigm," 2018.

[20]

J. Kim, H. Kim, et al., "An effective intrusion detection classifier using long short-term memory with gradient descent optimization," in 2017 International Conference on Platform Technology and Service (PlatCon), pp. 1--6. IEEE, 2017.

[21]

R. Singh, H. Kumar, and R. Singla, "An intrusion detection system using network traffic profiling and online sequential extreme learning machine," Expert Systems with Applications, vol. 42, no. 22, pp. 8609--8624. 2015.

Digital Library

[22]

A. Graves, A.-r. Mohamed, and G. Hinton, "Speech recognition with deep recurrent neural networks," in 2013 IEEE international conference on acoustics, speech and signal processing, pp. 6645--6649. IEEE, 2013.

[23]

A. Graves and N. Jaitly, "Towards end-to-end speech recognition with re- current neural networks," in International conference on machine learning, pp. 1764--1772. 2014.

[24]

P. Mishra, V. Varadharajan, U. Tupakula, and E. S. Pilli, "A detailed investigation and analysis of using machine learning techniques for intrusion detection," IEEE Communications Surveys & Tutorials, vol. 21, no. 1, pp. 686--728. 2018.

[25]

S. Hochreiter and J. Schmidhuber, "Long short-term memory," Neural computation, vol. 9, no. 8, pp. 1735--1780. 1997.

Digital Library

[26]

Y. Tang, "Deep learning using linear support vector machines," arXi preprint arXiv:1306.0239, 2013.

[27]

D. D. Protić, "Review of kdd cup'99, nsl-kdd and kyoto 2006+ datasets," Vojnotehnički glasnik, vol. 66, no. 3, pp. 580--596. 2018.

[28]

W.-H. Chen, S.-H. Hsu, and H.-P. Shen, "Application of svm and ann for intrusion detection," Computers & Operations Research, vol. 32, no. 10, pp. 2617--2634. 2005.

Digital Library

[29]

W. Hu, W. Hu, and S. Maybank, "Adaboost-based algorithm for network intrusion detection," IEEE Transactions on Systems, Man, and Cybernet- ics, Part B (Cybernetics), vol. 38, no. 2, pp. 577--583. 2008.

Digital Library

[30]

C. Cheng, W. P. Tay, and G.-B. Huang, "Extreme learning machines for intrusion detection," in The 2012 International joint conference on neural networks (IJCNN), pp. 1--8. IEEE, 2012.

Cited By

Maseno EWang ZSun Y(2024)Performance Evaluation of Intrusion Detection Systems on the TON_IoT Datasets Using a Feature Selection MethodProceedings of the 2024 8th International Conference on Computer Science and Artificial Intelligence10.1145/3709026.3709048(607-613)Online publication date: 6-Dec-2024
https://dl.acm.org/doi/10.1145/3709026.3709048
Sadhwani SVerma AMuthalagu RPawar P(2023)Network Intrusion Detection: A Study on Various Learning Approaches2023 International Conference on Computational Intelligence and Knowledge Economy (ICCIKE)10.1109/ICCIKE58312.2023.10131701(161-166)Online publication date: 9-Mar-2023
https://doi.org/10.1109/ICCIKE58312.2023.10131701

Index Terms

Leveraging LSTM-RNN combined with SVM for Network Intrusion Detection

Index terms have been assigned to the content through auto-classification.

Recommendations

Network intrusion detection system: A systematic study of machine learning and deep learning approaches
Abstract
The rapid advances in the internet and communication fields have resulted in a huge increase in the network size and the corresponding data. As a result, many novel attacks are being generated and have posed challenges for network security to ...

(1) A systematic study is conducted to select recent articles on various ML and DL‐based NIDS published during the past 3 years (2017 ‐ April 2020).(2) Extensively discussed various features of papers including proposed methodology, strength, weakness, ...
A bidirectional LSTM deep learning approach for intrusion detection
Abstract
The rise in computer networks and internet attacks has become alarming for most service providers. It has triggered the need for the development and implementation of intrusion detection systems (IDSs) to help prevent and or mitigate ...
Highlights
- The problem of high rates of raising false alarms in IDSs is considered.
- It is ...
Deep Learning Applications for Intrusion Detection in Network Traffic
Abstract
This paper discusses the problems of applying deep learning methods for intrusion detection in network traffic. The results of analyzing the relevant studies and reviews of deep learning applications for intrusion detection are presented. The most ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

DSMLAI '21': Proceedings of the International Conference on Data Science, Machine Learning and Artificial Intelligence

August 2021

415 pages

ISBN:9781450387637

DOI:10.1145/3484824

Editors:
Dharm Singh Jat
Namibia University of Science and Technology
,
Colin Stanley
Namibia University of Science and Technology
,
José Quenum
Namibia University of Science and Technology
,
Nilanjan Dey
JIS University, Kolkata
,
Arpit Jain
Namibia University of Science and Technology

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 January 2022

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

DSMLAI '21'

DSMLAI '21': International Conference on Data Science, Machine Learning and Artificial Intelligence

August 9 - 12, 2021

Windhoek, Namibia

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
113
Total Downloads

Downloads (Last 12 months)15
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Maseno EWang ZSun Y(2024)Performance Evaluation of Intrusion Detection Systems on the TON_IoT Datasets Using a Feature Selection MethodProceedings of the 2024 8th International Conference on Computer Science and Artificial Intelligence10.1145/3709026.3709048(607-613)Online publication date: 6-Dec-2024
https://dl.acm.org/doi/10.1145/3709026.3709048
Sadhwani SVerma AMuthalagu RPawar P(2023)Network Intrusion Detection: A Study on Various Learning Approaches2023 International Conference on Computational Intelligence and Knowledge Economy (ICCIKE)10.1109/ICCIKE58312.2023.10131701(161-166)Online publication date: 9-Mar-2023
https://doi.org/10.1109/ICCIKE58312.2023.10131701

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten