IEEE Access (Jan 2023)

Optimization of Intrusion Detection Using Likely Point PSO and Enhanced LSTM-RNN Hybrid Technique in Communication Networks

  • Ahmed Abd El-Baset Donkol,
  • Ali G. Hafez,
  • Aziza I. Hussein,
  • M. Mourad Mabrook

DOI
https://doi.org/10.1109/ACCESS.2023.3240109
Journal volume & issue
Vol. 11
pp. 9469 – 9482

Abstract

Read online

The intrusion detection system (IDS) is considered an essential sector in maintaining communication network security and has been desirably adopted by all network administrators. Several existing methods have been proposed for early intrusion detection systems. However, they experience drawbacks that make them subsequently inefficient against new/distinct attacks. To overcome these drawbacks, this paper proposes the enhanced long-short term memory (ELSTM) technique with recurrent neural network (RNN) (ELSTM-RNN) to enhance security in IDS. Intrusion detection technology has been associated with various problems, such as gradient vanishing, generalization, and overfitting issues. The proposed system solves the gradient-clipping issue using the likely point particle swarm optimization (LPPSO) and enhanced LSTM classification. The proposed method was evaluated using the NSL-KDD dataset (KDD TEST PLUS and KDD TEST21) for validation and testing. Many efficient features were selected using an enhanced technique, namely, the particle swarm optimization. The selected features serve for effective classification using an enhanced LSTM framework, where it is used to efficiently classify and detect the attack data from the normal data. The proposed system has been applied to the UNSW-NB15, CICIDS2017, CSE-CIC-IDS2018, and BOT _DATASET datasets for further verification. Results show that the training time of the proposed system is much less than that of other methods for different classes. Finally, the performance of the proposed ELSTM-RNN framework is analyzed using various metrics, such as accuracy, precision, recall, and error rate. Our proposed method outperformed LPBoost and DNNs methods.

Keywords