Network intrusion detection model based on multivariate correlation analysis – long short-time memory network

For the purpose of improving the low detection performance of network intrusion detection model caused by high-dimensional data, and from the perspective of time correlation characteristics of intrusion detection datasets, the authors present a network intrusion detection model based on the multivar...

Full description

Saved in:
Bibliographic Details
Published inIET information security Vol. 14; no. 2; pp. 166 - 174
Main Authors Dong, Rui-Hong, Li, Xue-Yong, Zhang, Qiu-Yu, Yuan, Hui
Format Journal Article
LanguageEnglish
Published The Institution of Engineering and Technology 01.03.2020
Subjects
Online AccessGet full text

Cover

Loading…
More Information
Summary:For the purpose of improving the low detection performance of network intrusion detection model caused by high-dimensional data, and from the perspective of time correlation characteristics of intrusion detection datasets, the authors present a network intrusion detection model based on the multivariate correlations analysis – long short-term memory network (MCA-LSTM). Firstly, this model selects the optimal feature subsets through the information gain feature selection method, the MCA module is then used to change the feature subset into the triangle area map (TAM) matrix, and finally inputs the TAM matrix into the LSTM module for the training and testing purpose. To better demonstrate the performance of the proposed model, it is compared with those of convolutional neural networks, recurrent neural network, deep forest, support vector machine, and k-nearest neighbour methods proposed by the previous researchers. Experimental results show that the testing accuracy of the proposed model on 5-classification task using NSL-KDD dataset is up to 82.15%, and that on 10-classification task using UNSW-NB15 dataset is up to 77.74%. Moreover, compared with the traditional machine learning and existing deep learning models, the proposed model has shown to achieve better classification detection performance.
ISSN:1751-8709
1751-8717
1751-8717
DOI:10.1049/iet-ifs.2019.0294