Improving Intrusion Detection Systems by using Deep Learning Methods on Time Series Data
Received: 26 October 2024 | Revised: 18 November 2024 | Accepted: 23 November 2024 | Online: 29 November 2024
Corresponding author: Asma Ahmed A. Mohammed
Abstract
Intrusion Detection Systems (IDSs) are the cornerstone of cybersecurity, monitoring network traffic for abnormal or suspicious activity. Traditional IDSs often struggle to adapt to constantly evolving cyber threats, which leads to very high false positive rates and missed detections. This study focuses on enhancing IDS performance by integrating deep learning techniques with time series data. The efficiency of RNN, CNN, and LSTM networks in detecting intrusions in real time was evaluated. The experimental results showed that hybrid models, especially the CNN+RNN+LSTM combination, performed best, with a 0.86 F1 score, 0.92 precision, and 0.79 recall. This indicates that hybrid deep learning methods can improve detection accuracy while reducing false alarms, opening a resilient future for cybersecurity.
Keywords:
intrusion detection systems, deep learning, time series data, recurrent neural networks, long short-term memory, convolutional neural networks, cybersecurity
License
Copyright (c) 2024 Asma Ahmed A. Mohammed
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.