Abstract

The use of network intrusion detection systems is expanding as cloud computing becomes more widespread. Network intrusion detection systems (NIDS) are crucial to network security since network traffic is increasing and cyberattacks are being launched more frequently. Algorithms for detecting anomalies in intruder detection use either machine learning systems or pattern matching systems. Pattern-matching methods frequently produce false positive results, while AI/ML-based systems predict possible assaults by identifying connections between metrics, features, or collections of metrics, features. KNN, SVM, and other models are the most widely used, but they only apply to a few features, are not very accurate, and have a higher false positive rate. This proposal developed a deep learning model that combines the benefits of two-dimensional LSTMs and convolutional neural networks to learn the characteristics of spatial and temporal data. The study’s model was developed and evaluated using the freely available NSL-KDD dataset. The suggested model is very effective, having a low rate of false positives and a high rate of detection. Some sophisticated network intrusion detection systems use machine learning and deep learning models, and their performance is superior to that of the proposed model.

摘要

随着云计算变得越来越普遍，网络入侵检测系统的使用也在不断扩大。网络入侵检测系统 (NIDS) 对网络安全至关重要，因为网络流量不断增加，网络攻击也越来越频繁。检测入侵者检测异常的算法使用机器学习系统或模式匹配系统。模式匹配方法经常产生误报结果，而基于 AI/ML 的系统通过识别指标、特征或指标、特征集合之间的联系来预测可能的攻击。KNN、SVM等模型应用最广泛，但只适用于少数几个特征，精度不高，误报率较高。该提案开发了一种深度学习模型，该模型结合了二维 LSTM 和卷积神经网络的优势来学习空间和时间数据的特征。该研究的模型是使用免费提供的 NSL-KDD 数据集开发和评估的。建议的模型非常有效，具有低误报率和高检测率。一些复杂的网络入侵检测系统使用机器学习和深度学习模型，其性能优于所提出的模型。