Evolving deep learning architectures for network intrusion detection using a double PSO metaheuristic

dc.contributor.authorElmasry, Wisam
dc.contributor.authorAkbulut, Akhan
dc.contributor.authorZaim, Abdül Halim
dc.date.accessioned2020-11-21T15:53:59Z
dc.date.available2020-11-21T15:53:59Z
dc.date.issued2020en_US
dc.departmentİstanbul Ticaret Üniversitesien_US
dc.description.abstractThe prevention of intrusion is deemed to be a cornerstone of network security. Although excessive work has been introduced on network intrusion detection in the last decade, finding an Intrusion Detection Systems (IDS) with potent intrusion detection mechanism is still highly desirable. One of the leading causes of the high number of false alarms and a low detection rate is the existence of redundant and irrelevant features of the datasets, which are used to train the IDSs. To cope with this problem, we proposed a double Particle Swarm Optimization (PSO)-based algorithm to select both feature subset and hyperparameters in one process. The aforementioned algorithm is exploited in the pre-training phase for selecting the optimized features and model's hyperparameters automatically. In order to investigate the performance differences, we utilized three deep learning models, namely, Deep Neural Networks (DNN), Long Short-Term Memory Recurrent Neural Networks (LSTM-RNN), and Deep Belief Networks (DBN). Furthermore, we used two common IDS datasets in our experiments to validate our approach and show the effectiveness of the developed models. Moreover, many evaluation metrics are used for both binary and multiclass classifications to assess the model's performance in each of the datasets. Finally, intensive quantitative, Friedman test, and ranking methods analyses of our results are provided at the end of this paper. Experimental results show a significant improvement in network intrusion detection when using our approach by increasing Detection Rate (DR) by 4% to 6% and reducing False Alarm Rate (FAR) by 1% to 5% from the corresponding values of same models without pre-training on the same dataset. © 2019en_US
dc.identifier.doi10.1016/j.comnet.2019.107042en_US
dc.identifier.issn1389-1286
dc.identifier.scopus2-s2.0-85076691312en_US
dc.identifier.scopusqualityQ1en_US
dc.identifier.urihttps://doi.org/10.1016/j.comnet.2019.107042
dc.identifier.urihttps://hdl.handle.net/11467/3733
dc.identifier.volume168en_US
dc.identifier.wosWOS:000514230900004en_US
dc.identifier.wosqualityQ1en_US
dc.indekslendigikaynakWeb of Scienceen_US
dc.indekslendigikaynakScopusen_US
dc.language.isoenen_US
dc.publisherElsevier B.V.en_US
dc.relation.ispartofComputer Networksen_US
dc.relation.publicationcategoryMakale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanıen_US
dc.rightsinfo:eu-repo/semantics/closedAccessen_US
dc.subjectCyber securityen_US
dc.subjectDeep learningen_US
dc.subjectFeature selectionen_US
dc.subjectHyperparameter selectionen_US
dc.subjectNetwork intrusion detectionen_US
dc.subjectParticle swarm optimizationen_US
dc.titleEvolving deep learning architectures for network intrusion detection using a double PSO metaheuristicen_US
dc.typeArticleen_US

Dosyalar