Construction of a network intrusion detection system based on a convolutional neural network and a bidirectional gated recurrent unit with attention mechanism

Authors

DOI:

https://doi.org/10.15587/1729-4061.2024.305685

Keywords:

deep learning, combined model, network intrusion detection systems, attention mechanism

Abstract

The object of this study is the process of recognizing intrusions in computer networks. Network intrusion detection systems (NIDS) have become an important area of research as they are used to protect computer systems from hacker attacks. Deep learning is becoming increasingly popular for detecting and classifying malicious network traffic, including for building NIDS.

In this paper, we propose a network intrusion detection model CNN-BiGRU-Attention based on a time-based approach to deep learning using the attention mechanism. The main goal of the study is to build an effective combined deep learning model that can detect various network cyber threats.

A 1D convolutional neural network is implemented to extract high-level representations of intrusion information features. A bidirectional gated recurrent unit (BiGRU) with an attention mechanism for traffic data classification has been designed. The attention mechanism plays a key role in the constructed model as it allows the system to focus only on important aspects of network traffic and allows the model to adapt to new types of threats.

The results of the study show that using a combination of CNN and BiGRU with the attention mechanism speeds up and improves the process of classifying network attacks. On the NSL-KDD and UNSW-NB15 training datasets, the model shows an accuracy of 99.81 % and 97.80 %. On the NSL-KDD and UNSW-NB15 test datasets, the model demonstrates 82.16 % and 97.72 % accuracy.

The proposed NIDS model will be considered for implementation in a real-time corporate network security system.

In general, the results of the study provide a new perspective on improving the performance of NIDS and are quite relevant in terms of using attention mechanisms to classify network traffic

Author Biographies

Andrii Nikitenko, Donetsk National Technical University

Department of Applied Mathematics and Informatics

Yevhen Bashkov, Donetsk National Technical University

Doctor of Technical Sciences, Professor

Department of Applied Mathematics and Informatics

References

  1. Boukhalfa, A., Abdellaoui, A., Hmina, N., Chaoui, H. (2020). LSTM deep learning method for network intrusion detection system. International Journal of Electrical and Computer Engineering (IJECE), 10 (3), 3315. https://doi.org/10.11591/ijece.v10i3.pp3315-3322
  2. Ahmad, Z., Shahid Khan, A., Wai Shiang, C., Abdullah, J., Ahmad, F. (2020). Network intrusion detection system: A systematic study of machine learning and deep learning approaches. Transactions on Emerging Telecommunications Technologies, 32 (1). https://doi.org/10.1002/ett.4150
  3. Kumar, S., Gupta, S., Arora, S. (2021). Research Trends in Network-Based Intrusion Detection Systems: A Review. IEEE Access, 9, 157761–157779. https://doi.org/10.1109/access.2021.3129775
  4. Aldweesh, A., Derhab, A., Emam, A. Z. (2020). Deep learning approaches for anomaly-based intrusion detection systems: A survey, taxonomy, and open issues. Knowledge-Based Systems, 189, 105124. https://doi.org/10.1016/j.knosys.2019.105124
  5. Thirimanne, S. P., Jayawardana, L., Yasakethu, L., Liyanaarachchi, P., Hewage, C. (2022). Deep Neural Network Based Real-Time Intrusion Detection System. SN Computer Science, 3 (2). https://doi.org/10.1007/s42979-022-01031-1
  6. Qazi, E. U. H., Almorjan, A., Zia, T. (2022). A One-Dimensional Convolutional Neural Network (1D-CNN) Based Deep Learning System for Network Intrusion Detection. Applied Sciences, 12 (16), 7986. https://doi.org/10.3390/app12167986
  7. Zhang, J., Ling, Y., Fu, X., Yang, X., Xiong, G., Zhang, R. (2020). Model of the intrusion detection system based on the integration of spatial-temporal features. Computers & Security, 89, 101681. https://doi.org/10.1016/j.cose.2019.101681
  8. Rajesh Kanna, P., Santhi, P. (2021). Unified Deep Learning approach for Efficient Intrusion Detection System using Integrated Spatial–Temporal Features. Knowledge-Based Systems, 226, 107132. https://doi.org/10.1016/j.knosys.2021.107132
  9. Khan, F. A., Gumaei, A., Derhab, A., Hussain, A. (2019). TSDL: A Two-Stage Deep Learning Model for Efficient Network Intrusion Detection. IEEE Access, 7, 30373–30385. https://doi.org/10.1109/access.2019.2899721
  10. Binbusayyis, A., Vaiyapuri, T. (2021). Unsupervised deep learning approach for network intrusion detection combining convolutional autoencoder and one-class SVM. Applied Intelligence, 51 (10), 7094–7108. https://doi.org/10.1007/s10489-021-02205-9
  11. Hnamte, V., Hussain, J. (2023). DCNNBiLSTM: An Efficient Hybrid Deep Learning-Based Intrusion Detection System. Telematics and Informatics Reports, 10, 100053. https://doi.org/10.1016/j.teler.2023.100053
  12. Sinha, J., Manollas, M. (2020). Efficient Deep CNN-BiLSTM Model for Network Intrusion Detection. Proceedings of the 2020 3rd International Conference on Artificial Intelligence and Pattern Recognition. https://doi.org/10.1145/3430199.3430224
  13. Cao, B., Li, C., Song, Y., Fan, X. (2022). Network Intrusion Detection Technology Based on Convolutional Neural Network and BiGRU. Computational Intelligence and Neuroscience, 2022, 1–20. https://doi.org/10.1155/2022/1942847
  14. Gu, J., Wang, Z., Kuen, J., Ma, L., Shahroudy, A., Shuai, B. et al. (2018). Recent advances in convolutional neural networks. Pattern Recognition, 77, 354–377. https://doi.org/10.1016/j.patcog.2017.10.013
  15. Song, Y., Luktarhan, N., Shi, Z., Wu, H. (2023). TGA: A Novel Network Intrusion Detection Method Based on TCN, BiGRU and Attention Mechanism. Electronics, 12 (13), 2849. https://doi.org/10.3390/electronics12132849
  16. Li, X. (2023). CNN-GRU model based on attention mechanism for large-scale energy storage optimization in smart grid. Frontiers in Energy Research, 11. https://doi.org/10.3389/fenrg.2023.1228256
  17. Yu, X., Li, T., Hu, A. (2020). Time-series Network Anomaly Detection Based on Behaviour Characteristics. 2020 IEEE 6th International Conference on Computer and Communications (ICCC). https://doi.org/10.1109/iccc51575.2020.9345249
  18. Liu, X., Liu, J. (2021). Malicious traffic detection combined deep neural network with hierarchical attention mechanism. Scientific Reports, 11 (1). https://doi.org/10.1038/s41598-021-91805-z
  19. Huang, Y., Chen, J., Zheng, S., Xue, Y., Hu, X. (2021). Hierarchical multi-attention networks for document classification. International Journal of Machine Learning and Cybernetics, 12 (6), 1639–1647. https://doi.org/10.1007/s13042-020-01260-x x
  20. Nikitenko, A. (2023). Nabory danykh dlia stvorennia system vyiavlennia merezhevykh vtorhnen z vykorystanniam neironnykh merezh. Materialy XLI naukovo-tekhnichnoi konferentsiyi molodykh vchenykh ta spetsialistiv Instytutu problem modeliuvannia v enerhetytsi im. H.Ye. Pukhova NAN Ukrainy, 104–106. Available at: https://ipme.kiev.ua/wp-content/uploads/2023/05/%D0%9C%D0%B0%D1%82%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8-%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D1%96%D1%97-2023.pdf
  21. The UNSW-NB15 Dataset. Available at: https://research.unsw.edu.au/projects/unsw-nb15-dataset
  22. Nikitenko, A. (2023). Network intrusion detection systems based on deep learning neural networks. Naukovi pratsi DonNTU. Seriya “Informatyka, kibernetyka ta obchysliuvalna tekhnika”, 2 (37), 15–21.
  23. ISCX NSL-KDD dataset 2009. Available at: https://www.unb.ca/cic/datasets/nsl.html
  24. Xiao, Y., Xiao, X. (2019). An Intrusion Detection System Based on a Simplified Residual Network. Information, 10 (11), 356. https://doi.org/10.3390/info10110356
  25. Cao, B., Li, C., Song, Y., Qin, Y., Chen, C. (2022). Network Intrusion Detection Model Based on CNN and GRU. Applied Sciences, 12 (9), 4184. https://doi.org/10.3390/app12094184
  26. Ren, K., Yuan, S., Zhang, C., Shi, Y., Huang, Z. (2023). CANET: A hierarchical CNN-Attention model for Network Intrusion Detection. Computer Communications, 205, 170–181. https://doi.org/10.1016/j.comcom.2023.04.018
  27. Marir, N., Wang, H., Feng, G., Li, B., Jia, M. (2018). Distributed Abnormal Behavior Detection Approach Based on Deep Belief Network and Ensemble SVM Using Spark. IEEE Access, 6, 59657–59671. https://doi.org/10.1109/access.2018.2875045
Construction of a network intrusion detection system based on a convolutional neural network and a bidirectional gated recurrent unit with attention mechanism

Downloads

Published

2024-06-28

How to Cite

Nikitenko, A., & Bashkov, Y. (2024). Construction of a network intrusion detection system based on a convolutional neural network and a bidirectional gated recurrent unit with attention mechanism. Eastern-European Journal of Enterprise Technologies, 3(9 (129), 6–15. https://doi.org/10.15587/1729-4061.2024.305685

Issue

Section

Information and controlling system