Scribd
Upload
8 views

Optimization of Intrusion Detection Using Likely Point PSO and Enhanced LSTM-RNN Hybrid Technique in Communication Networks

Uploaded by

Mohamed
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
8 views

Optimization of Intrusion Detection Using Likely Point PSO and Enhanced LSTM-RNN Hybrid Technique in Communication Networks

Uploaded by

Mohamed
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

Received 3 January 2023, accepted 23 January 2023, date of publication 26 January 2023, date of current version 1 February 2023.

Digital Object Identifier 10.1109/ACCESS.2023.3240109

Optimization of Intrusion Detection Using Likely


Point PSO and Enhanced LSTM-RNN Hybrid
Technique in Communication Networks
AHMED ABD EL-BASET DONKOL1 , ALI G. HAFEZ1,2 ,
AZIZA I. HUSSEIN 3 , (Member, IEEE), AND M. MOURAD MABROOK 1,4
1 Department of Communication and Computer Engineering, Faculty of Engineering, Nahda University in Beni Suef, Beni Suef 62764, Egypt
2 Department of Seismology, National Research Institute of Astronomy and Geophysics, Helwan, Cairo 11722, Egypt
3 Department of Electrical and Computer Engineering, Effat University, Jeddah 21478, Saudi Arabia
4 Department of Space Communication, Faculty of Navigation Science and Space Technology, Beni-Suef University, Beni Suef 62521, Egypt

Corresponding author: M. Mourad Mabrook ([email protected])

ABSTRACT The intrusion detection system (IDS) is considered an essential sector in maintaining
communication network security and has been desirably adopted by all network administrators. Several
existing methods have been proposed for early intrusion detection systems. However, they experience
drawbacks that make them subsequently inefficient against new/distinct attacks. To overcome these
drawbacks, this paper proposes the enhanced long-short term memory (ELSTM) technique with recurrent
neural network (RNN) (ELSTM-RNN) to enhance security in IDS. Intrusion detection technology has
been associated with various problems, such as gradient vanishing, generalization, and overfitting issues.
The proposed system solves the gradient-clipping issue using the likely point particle swarm optimization
(LPPSO) and enhanced LSTM classification. The proposed method was evaluated using the NSL-KDD
dataset (KDD TEST PLUS and KDD TEST21) for validation and testing. Many efficient features were
selected using an enhanced technique, namely, the particle swarm optimization. The selected features serve
for effective classification using an enhanced LSTM framework, where it is used to efficiently classify and
detect the attack data from the normal data. The proposed system has been applied to the UNSW-NB15,
CICIDS2017, CSE-CIC-IDS2018, and BOT _DATASET datasets for further verification. Results show that
the training time of the proposed system is much less than that of other methods for different classes.
Finally, the performance of the proposed ELSTM-RNN framework is analyzed using various metrics, such as
accuracy, precision, recall, and error rate. Our proposed method outperformed LPBoost and DNNs methods.

INDEX TERMS IDS, KDD TEST PLUS, KDD TEST 21 dataset, LSTM, network security, and RNN.

I. INTRODUCTION detection. Anomaly detection detects abnormal patterns.


An intrusion detection system (IDS) [1] is a schematic tool Major models exhibited today cannot regulate the complex
for detecting abnormal behavior and malicious activity in and dynamic nature of computer cyber-attacked networks.
the system. Security infrastructure requires the installation This results in a minimum rate of false alarm, a high rate
of IDS due to increased attack types. An IDS promote of detection, and judicious communication and computation
the security of the system using its advantage of increased costs. Different traditional ways of detecting malicious
network connection. There are two main IDS techniques, activities include encryptions, access control mechanisms,
namely, anomaly detection and misuse or signature-based firewalls, and others. Nonetheless, there are few limitations
to protecting the network entirely. Several approaches to
The associate editor coordinating the review of this manuscript and developing IDS have been based on traditional machine
approving it for publication was Rakesh Matam . learning (ML), such as support vector machine (SVM) [2],

This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
VOLUME 11, 2023 9469

You might also like