Affiliation:
1. College of Computer Science and Technology, Hainan University, Haikou 570228, China
2. College of Civil and Architecture Engineering, Hainan University, Haikou 570228, China
Abstract
A network intrusion detection tool can identify and detect potential malicious activities or attacks by monitoring network traffic and system logs. The data within intrusion detection networks possesses characteristics that include a high degree of feature dimension and an unbalanced distribution across categories. Currently, the actual detection accuracy of some detection models is relatively low. To solve these problems, we propose a network intrusion detection model based on multi-head attention and BiLSTM (Bidirectional Long Short-Term Memory), which can introduce different attention weights for each vector in the feature vector that strengthen the relationship between some vectors and the detection attack type. The model also utilizes the advantage that BiLSTM can capture long-distance dependency relationships to obtain a higher detection accuracy. This model combined the advantages of the two models, adding a dropout layer between the two models to improve the detection accuracy while preventing training overfitting. Through experimental analysis, the network intrusion detection model that utilizes multi-head attention and BilSTM achieved an accuracy of 98.29%, 95.19%, and 99.08% on the KDDCUP99, NSLKDD, and CICIDS2017 datasets, respectively.
Funder
Haikou Science and Technology Plan Project
Subject
Electrical and Electronic Engineering,Computer Networks and Communications,Hardware and Architecture,Signal Processing,Control and Systems Engineering
Reference35 articles.
1. A feature reduced intrusion detection system using ANN classifier;Manzoor;Expert Syst. Appl.,2017
2. Thapa, S., and Mailewa, A. (2020, January 3–4). The role of intrusion detection/prevention systems in modern computer networks: A review. Proceedings of the Conference: Midwest Instruction and Computing Symposium (MICS), Online.
3. Patgiri, R., Varshney, U., Akutota, T., and Kunde, R. (2018, January 18–21). An investigation on intrusion detection system using machine learning. Proceedings of the 2018 IEEE Symposium Series on Computational Intelligence (SSCI), Bangalore, India.
4. Host-based intrusion detection system with system calls: Review and future trends;Liu;ACM Comput. Surv. (CSUR),2018
5. A hybrid unsupervised clustering-based anomaly detection method;Pu;Tsinghua Sci. Technol.,2020