IEEE Access (Jan 2023)
A Hierarchical Intrusion Detection Model Combining Multiple Deep Learning Models With Attention Mechanism
Abstract
In order to ensure the security of computer systems and networks, it is very important to design and implement intrusion detection systems that can detect and mitigate network attacks and threats. Deep learning has great advantages in processing complex, high-dimensional and large-scale traffic data. Therefore, intrusion detection system based on deep learning method has better detection effect. Through the analysis of the research status, this paper finds that there are some problems in the existing intrusion detection system. To solve the problems of low detection accuracy, structure to be optimized and high false positive rate, this paper presents a hierarchical intrusion detection model which combines multiple deep learning models with attention mechanism. The advantages of this hierarchical model include: Firstly, the SCDAE model is used to extract the features of traffic data and reduce noise; Secondly, CNN is used to extract spatial features of network traffic data from the spatial dimension; Thirdly, BiLSTM is able to fully consider the relationship between the front and back features, so that the temporal features of network traffic data can be mined; Fourthly, a Self-Attention mechanism is added to weight the output of each time step to sum up and retain the important information in it. Thus, a CNN-BiLSTM-Attention model is constructed; Finally, the Softmax classifier is used to obtain the classification results. To verify the effectiveness of the proposed model, four time-sensitive and representative datasets are selected for experiments and five classical detection models are compared in this paper. The experimental results show that the classification accuracy of the proposed model reaches 93.26 % and the false positive rate reaches 7.53%.
Keywords
