IDSX-Attention: Intrusion detection system (IDS) based hybrid MADE-SDAE and LSTM-Attention mechanism

(1) * Hanafi Hanafi Mail (Universitas Amikom Yogyakarta, Indonesia)
(2) Andri Pranolo Mail (Universitas Ahmad Dahlan, Indonesia)
(3) Yingchi Mao Mail (Hohai University, China)
(4) Taqwa Hariguna Mail (Department Information System, Universitas Amikom Purwokerto, Indonesia)
(5) Leonel Hernandez Mail (Institución Universitaria de Barranquilla, Colombia)
(6) Nanang Fitriana Kurniawan Mail (Institut Teknologi Tangerang Selatan, Indonesia)
*corresponding author

Abstract


An Intrusion Detection System (IDS) is essential for automatically monitoring cyber-attack activity. Adopting machine learning to develop automatic cyber attack detection has become an important research topic in the last decade. Deep learning is a popular machine learning algorithm recently applied in IDS applications. The adoption of complex layer algorithms in the term of deep learning has been applied in the last five years to increase IDS detection effectiveness. Unfortunately, most deep learning models generate a large number of false negatives, leading to dominant mistake detection that can affect the performance of IDS applications. This paper aims to integrate a statistical model to remove outliers in pre-processing, SDAE, responsible for reducing data dimensionality, and LSTM-Attention, responsible for producing attack classification tasks. The model was implemented into the NSL-KDD dataset and evaluated using Accuracy, F1, Recall, and Confusion metrics measures. The results showed that the proposed IDSX-Attention outperformed the baseline model, SDAE, LSTM, PCA-LSTM, and Mutual Information (MI)-LSTM, achieving more than a 2% improvement on average. This study demonstrates the potential of the proposed IDSX-Attention, particularly as a deep learning approach, in enhancing the effectiveness of IDS and addressing the challenges in cyber threat detection. It highlights the importance of integrating statistical models, deep learning, and dimensionality reduction mechanisms to improve IDS detection. Further research can explore the integration of other deep learning algorithms and datasets to validate the proposed model's effectiveness and improve the performance of IDS.

Keywords


IDS; Cyber security; Attention mechanism; SDAE; LSTM

   

DOI

https://doi.org/10.26555/ijain.v9i1.942
      

Article metrics

Abstract views : 380 | PDF views : 123

   

Cite

   

Full Text

Download

References


[1] A. Sunyoto and Hanafi, "Enhance Intrusion Detection (IDS) System Using Deep SDAE to Increase Effectiveness of Dimensional Reduction in Machine Learning and Deep Learning," Int. J. Intell. Eng. Syst., vol. 15, no. 4, p. 2022, doi: 10.22266/ijies2022.0831.13.

[2] D. E. Denning, "An intrusion-detection model," IEEE Trans. Softw. Eng., no. 2, pp. 222–232, 1987, doi: 10.1109/TSE.1987.232894.

[3] K. Kim, M. E. Aminanto, and H. C. Tanuwidjaja, "Deep Learning-Based IDSs," Springer, Singapore, 2018, pp. 35–45, doi: 10.1007/978-981-13-1444-5_5.

[4] H. Zhang, "Design of intrusion detection system based on a new pattern matching algorithm," Proc. - 2009 Int. Conf. Comput. Eng. Technol. ICCET 2009, vol. 1, pp. 545–548, 2009, doi: 10.1109/ICCET.2009.244.

[5] C. Yin, "An Improved BM Pattern Matching Algorithm in Intrusion Detection System," Appl. Mech. Mater., vol. 148–149, pp. 1145–1148, 2012, doi: 10.4028/www.scientific.net/amm.148-149.1145.

[6] E. Sandhya and A. Kumarappan, "Enhancing the Performance of an Intrusion Detection System Using Spider Monkey Optimization in IoT," Int. J. Intell. Eng. Syst., vol. 14, no. 6, pp. 30–39, 2021, doi: 10.22266/ijies2021.1231.04.

[7] J. Zhang, M. Zulkernine, and A. Haque, "Random-forests-based network intrusion detection systems," IEEE Trans. Syst. Man Cybern. Part C Appl. Rev., vol. 38, no. 5, pp. 649–659, 2008, doi: 10.1109/TSMCC.2008.923876.

[8] B. Ingre and A. Yadav, "Performance analysis of NSL-KDD dataset using ANN," Int. Conf. Signal Process. Commun. Eng. Syst. - Proc. SPACES 2015, Assoc. with IEEE, pp. 92–96, Mar. 2015, doi: 10.1109/SPACES.2015.7058223.

[9] B. Ingre, A. Yadav, and A. K. Soni, "Decision Tree Based Intrusion Detection System for NSL-KDD Dataset," Smart Innov. Syst. Technol., vol. 84, pp. 207–218, 2017, doi: 10.1007/978-3-319-63645-0_23.

[10] G. Zhao, C. Zhang, L. Z.-2017 I. International, and undefined 2017, "Intrusion detection using deep belief network and probabilistic neural network," ieeexplore.ieee.org, 2017, doi: 10.1109/CSE-EUC.2017.119.

[11] F. Qu, J. Zhang, Z. Shao, S. Q.-P. of the 2017 V. international, and undefined 2017, "An intrusion detection model based on deep belief network," dl.acm.org, pp. 97–101, Dec. 2017, doi: 10.1145/3171592.3171598.

[12] M. Z. Alom, V. Bontupalli, and T. M. Taha, "Intrusion detection using deep belief networks," in National Aerospace and Electronics Conference (NAECON), 2015, pp. 333–344, doi: 10.1109/NAECON.2015.7443094.

[13] J. Kim, N. Shin, S. Y. Jo, and S. H. Kim, "Method of intrusion detection using deep neural network," 2017 IEEE Int. Conf. Big Data Smart Comput. BigComp 2017, pp. 313–316, Mar. 2017, doi: 10.1109/BIGCOMP.2017.7881684.

[14] K. Wu, Z. Chen, and W. Li, "A Novel Intrusion Detection Model for a Massive Network Using Convolutional Neural Networks," IEEE Access, vol. 6, pp. 50850–50859, 2018, doi: 10.1109/ACCESS.2018.2868993.

[15] K. Hara and K. Shiomoto, "Intrusion Detection System using Semi-Supervised Learning with Adversarial Auto-encoder," Proc. IEEE/IFIP Netw. Oper. Manag. Symp. 2020 Manag. Age Softwarization Artif. Intell. NOMS 2020, 2020, doi: 10.1109/NOMS47738.2020.9110343.

[16] F. Laghrissi, S. Douzi, K. Douzi, and B. Hssina, "Intrusion detection systems using long short-term memory (LSTM)," J. Big Data, vol. 8, no. 1, pp. 1–16, 2021, doi: 10.1186/s40537-021-00448-4.

[17] F. E. Laghrissi, S. Douzi, K. Douzi, and B. Hssina, "IDS-attention: an efficient algorithm for intrusion detection systems using attention mechanism," J. Big Data, vol. 8, no. 1, 2021, doi: 10.1186/s40537-021-00544-5.

[18] Hanafi, A. Pranolo, and Y. Mao, "Cae-covidx: Automatic covid-19 disease detection based on x-ray images using enhanced deep convolutional and autoencoder," Int. J. Adv. Intell. Informatics, vol. 7, no. 1, pp. 49–62, 2021, doi: 10.26555/ijain.v7i1.577.

[19] Hanafi, "Enhance Rating Prediction for E-commerce Recommender System Using Hybridization of SDAE, Attention Mechanism and Probabilistic Matrix Factorization," Int. J. Intell. Eng. Syst., vol. 15, no. 5, pp. 427–438, 2022, doi: 10.22266/ijies2022.1031.37.

[20] O. S. Shalom, H. Roitman, and P. Kouki, "Natural Language Processing for Recommender Systems," in Recommender Systems Handbook, New York, NY: Springer US, 2022, pp. 447–483, doi: 10.1007/978-1-0716-2197-4_12.

[21] P. Ren, Z. Ren, F. Sun, X. He, D. Yin, and M. de Rijke, "NLP4REC: The WSDM 2020 Workshop on Natural Language Processing for Recommendations," in Proceedings of the 13th International Conference on Web Search and Data Mining, Jan. 2020, pp. 907–908, doi: 10.1145/3336191.3371884.

[22] Hanafi, N. Suryana, and A. S. H. Basari, "Deep Contextual of Document Using Deep LSTM Meet Matrix Factorization to Handle Sparse Data: Proposed Model," J. Phys. Conf. Ser., vol. 1577, no. 1, 2020, doi: 10.1088/1742-6596/1577/1/012002.

[23] A. Trappey, C. V. Trappey, and A. Hsieh, "An intelligent patent recommender adopting machine learning approach for natural language processing: A case study for smart machinery technology mining," in Technological Forecasting and Social Change, Mar. 2021, vol. 164, p. 120511, doi: 10.1016/j.techfore.2020.120511.

[24] M. N. Hasan, R. N. Toma, A.-A. Nahid, M. M. M. Islam, and J.-M. Kim, "Electricity Theft Detection in Smart Grid Systems: A CNN-LSTM Based Approach," Energies, vol. 12, no. 17, p. 3310, Aug. 2019, doi: 10.3390/en12173310.

[25] F. E. Laghrissi, S. Douzi, K. Douzi, and B. Hssina, "Intrusion detection systems using long short-term memory (LSTM)," J. Big Data, vol. 8, no. 1, 2021, doi: 10.1186/s40537-021-00448-4.

[26] M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, "A detailed analysis of the KDD CUP 99 data set," IEEE Symp. Comput. Intell. Secur. Def. Appl. CISDA 2009, no. July, 2009, doi: 10.1109/CISDA.2009.5356528.

[27] C. Ieracitano, A. Adeel, F. C. Morabito, and A. Hussain, "A novel statistical analysis and autoencoder driven intelligent intrusion detection approach," Neurocomputing, vol. 387, pp. 51–62, 2020, doi: 10.1016/j.neucom.2019.11.016.

[28] P. Vincent, H. Larochelle, I. Lajoie, Y. Bengio, and P.-A. Manzagol, "Stacked Denoising Autoencoders: Learning Useful Representations in a Deep Network with a Local Denoising Criterion," J. Mach. Learn. Res., vol. 11, pp. 3371–3408, 2010, doi: 10.1111/1467-8535.00290.

[29] S. Hochreiter, "Long Short-Term Memory," vol. 1780, pp. 1735–1780, 1997, doi: 10.1162/neco.1997.9.8.1735.

[30] J. Chorowski, D. Bahdanau, D. Serdyuk, K. Cho, and Y. Bengio, "Attention-based models for speech recognition," Adv. Neural Inf. Process. Syst., vol. 2015-Janua, pp. 577–585, 2015, doi: 10.48550/arXiv.1506.07503.




Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

___________________________________________________________
International Journal of Advances in Intelligent Informatics
ISSN 2442-6571  (print) | 2548-3161 (online)
Organized by UAD and ASCEE Computer Society
Published by Universitas Ahmad Dahlan
W: http://ijain.org
E: info@ijain.org (paper handling issues)
   andri.pranolo.id@ieee.org (publication issues)

View IJAIN Stats

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0