Olisaemeka F. Isife, Kennedy Okokpujie, Imhade P. Okokpujie, Roselyn E. Subair, Akingunsoye Adenugba Vincent, Morayo E. Awomoyi
{"title":"Development of a Malicious Network Traffic Intrusion Detection System Using Deep Learning","authors":"Olisaemeka F. Isife, Kennedy Okokpujie, Imhade P. Okokpujie, Roselyn E. Subair, Akingunsoye Adenugba Vincent, Morayo E. Awomoyi","doi":"10.18280/ijsse.130401","DOIUrl":null,"url":null,"abstract":"With the exponential surge in the number of internet-connected devices, the attack surface for potential cyber threats has correspondingly expanded. Such a landscape necessitates the evolution of intrusion detection systems to counter the increasingly sophisticated mechanisms employed by cyber attackers. Traditional machine learning methods, coupled with existing deep learning implementations, are observed to exhibit limited proficiency due to their reliance on outdated datasets. Their performance is further compromised by elevated false positive rates, decreased detection rates, and an inability to efficiently detect novel attacks. In an attempt to address these challenges, this study proposes a deep learning-based system specifically designed for the detection of malicious network traffic. Three distinct deep learning models were employed: Deep Neural Networks (DNN), Long Short-Term Memory (LSTM), and Gated Recurrent Units (GRU). These models were trained using two contemporary benchmark intrusion detection datasets: the CICIDS 2017 and the Coburg Intrusion Detection Data Sets (CIDDS). A robust preprocessing procedure was conducted to merge these datasets based on common and essential features, creating a comprehensive dataset for model training. Two separate experimental setups were utilized to configure these models. Among the three models, the LSTM displayed superior performance in both experimental configurations. It achieved an accuracy of 98.09%, a precision of 98.14%, an F1-Score of 98.09%, a True Positive Rate (TPR) of 98.05%, a True Negative Rate (TNR) of 99.69%, a False Positive Rate (FPR) of 0.31%, and a False Negative Rate (FNR) of 1.95%.","PeriodicalId":37802,"journal":{"name":"International Journal of Safety and Security Engineering","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Safety and Security Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.18280/ijsse.130401","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Engineering","Score":null,"Total":0}
引用次数: 1
Abstract
With the exponential surge in the number of internet-connected devices, the attack surface for potential cyber threats has correspondingly expanded. Such a landscape necessitates the evolution of intrusion detection systems to counter the increasingly sophisticated mechanisms employed by cyber attackers. Traditional machine learning methods, coupled with existing deep learning implementations, are observed to exhibit limited proficiency due to their reliance on outdated datasets. Their performance is further compromised by elevated false positive rates, decreased detection rates, and an inability to efficiently detect novel attacks. In an attempt to address these challenges, this study proposes a deep learning-based system specifically designed for the detection of malicious network traffic. Three distinct deep learning models were employed: Deep Neural Networks (DNN), Long Short-Term Memory (LSTM), and Gated Recurrent Units (GRU). These models were trained using two contemporary benchmark intrusion detection datasets: the CICIDS 2017 and the Coburg Intrusion Detection Data Sets (CIDDS). A robust preprocessing procedure was conducted to merge these datasets based on common and essential features, creating a comprehensive dataset for model training. Two separate experimental setups were utilized to configure these models. Among the three models, the LSTM displayed superior performance in both experimental configurations. It achieved an accuracy of 98.09%, a precision of 98.14%, an F1-Score of 98.09%, a True Positive Rate (TPR) of 98.05%, a True Negative Rate (TNR) of 99.69%, a False Positive Rate (FPR) of 0.31%, and a False Negative Rate (FNR) of 1.95%.
期刊介绍:
The International Journal of Safety and Security Engineering aims to provide a forum for the publication of papers on the most recent developments in the theoretical and practical aspects of these important fields. Safety and Security Engineering, due to its special nature, is an interdisciplinary area of research and applications that brings together in a systematic way many disciplines of engineering, from the traditional to the most technologically advanced. The Journal covers areas such as crisis management; security engineering; natural disasters and emergencies; terrorism; IT security; man-made hazards; risk management; control; protection and mitigation issues. The Journal aims to attract papers in all related fields, in addition to those listed under the List of Topics, as well as case studies describing practical experiences. The study of multifactor risk impact will be given special emphasis. Due to the multitude and variety of topics included, the List is only indicative of the themes of the expected papers. Authors are encouraged to submit papers in all areas of Safety and Security, with particular attention to integrated and interdisciplinary aspects.