Scientific Reports (Jan 2025)
An optimized LSTM-based deep learning model for anomaly network intrusion detection
Abstract
The increasing prevalence of network connections is driving a continuous surge in the requirement for network security and safeguarding against cyberattacks. This has triggered the need to develop and implement intrusion detection systems (IDS), one of the key components of the network perimeter, aimed at thwarting and alleviating the issues presented by network invaders. Over time, intrusion detection systems have been instrumental in identifying network breaches and deviations. Several researchers have recommended the implementation of machine learning approaches in IDSs to counteract the menace posed by network intruders. Nevertheless, most previously recommended IDSs exhibit a notable false alarm rate. To mitigate this challenge, exploring deep learning methodologies emerges as a viable solution, leveraging their demonstrated efficacy across various domains. Hence, this article proposes an optimized Long Short-Term Memory (LSTM) model for identifying anomalies in network traffic. The presented model uses three optimization methods, i.e., Particle Swarm Optimization (PSO), JAYA, and Salp Swarm Algorithm (SSA), to optimize the hyperparameters of the LSTM. In this study, the NSL KDD, CICIDS, and BoT-IoT datasets are taken into consideration. To evaluate the efficacy of the proposed model, several indicators of performance like Accuracy, Precision, Recall, F-score, True Positive Rate (TPR), False Positive Rate (FPR), and Receiver Operating Characteristic curve (ROC) have been chosen. A comparative analysis of PSO-LSTMIDS, JAYA-LSTMIDS, and SSA-LSTMIDS is conducted. The simulation results demonstrate that SSA-LSTMIDS surpasses all the models examined in this study across all three datasets.
Keywords