Affiliation:
1. College of Computer Science and Information Technology, King Faisal University, P.O. Box 4000, Al-Ahsa 31982, Saudi Arabia
2. Community College of Abqaiq, King Faisal University, P.O. Box 4000, Al-Ahsa 31982, Saudi Arabia
3. Chemical Engineering Department, King Faisal University, P.O. Box 380, Al-Ahsa 31982, Saudi Arabia
Abstract
Telecommunication has registered strong and rapid growth in the past decade. Accordingly, the monitoring of computers and networks is too complicated for network administrators. Hence, network security represents one of the biggest serious challenges that can be faced by network security communities. Taking into consideration the fact that e-banking, e-commerce, and business data will be shared on the computer network, these data may face a threat from intrusion. The purpose of this research is to propose a methodology that will lead to a high level and sustainable protection against cyberattacks. In particular, an adaptive anomaly detection framework model was developed using deep and machine learning algorithms to manage automatically-configured application-level firewalls. The standard network datasets were used to evaluate the proposed model which is designed for improving the cybersecurity system. The deep learning based on Long-Short Term Memory Recurrent Neural Network (LSTM-RNN) and machine learning algorithms namely Support Vector Machine (SVM), K-Nearest Neighbor (K-NN) algorithms were implemented to classify the Denial-of-Service attack (DoS) and Distributed Denial-of-Service (DDoS) attacks. The information gain method was applied to select the relevant features from the network dataset. These network features were significant to improve the classification algorithm. The system was used to classify DoS and DDoS attacks in four stand datasets namely KDD cup 199, NSL-KDD, ISCX, and ICI-ID2017. The empirical results indicate that the deep learning based on the LSTM-RNN algorithm has obtained the highest accuracy. The proposed system based on the LSTM-RNN algorithm produced the highest testing accuracy rate of 99.51% and 99.91% with respect to KDD Cup’99, NSL-KDD, ISCX, and ICI-Id2017 datasets, respectively. A comparative result analysis between the machine learning algorithms, namely SVM and KNN, and the deep learning algorithms based on the LSTM-RNN model is presented. Finally, it is concluded that the LSTM-RNN model is efficient and effective to improve the cybersecurity system for detecting anomaly-based cybersecurity.
Funder
Deputyship for Research & Innovation, Ministry of Education in Saudi Arabia
Subject
Biomedical Engineering,Bioengineering,Medicine (miscellaneous),Biotechnology
Reference49 articles.
1. An Overview of IP Flow-Based Intrusion Detection
2. A survey of techniques for internet traffic classification using machine learning
3. A deep learning approach for network intrusion detection system;A. Avaid
4. A Taxonomy and Survey of Intrusion Detection System Design Techniques, Network Threats and Datasets;H. Hindy;arXiv,2018
5. Gradient based learning algorithms for recurrent networks and their computational complexity. In Back propagation: Theory, Architectures, and Applications;R. Williams,1995
Cited by
33 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献