A Hybrid parallel deep learning model for efficient intrusion detection based on metric learning

With the rapid development of network technology, a variety of new malicious attacks appear while attack methods are constantly updated. As the attackers exploit the vulnerabilities of popular third-party components to invade target websites, further improving the classification accuracy of maliciou...

Full description

Saved in:
Bibliographic Details
Published inConnection science Vol. 34; no. 1; pp. 551 - 577
Main Authors Cai, Shaokang, Han, Dezhi, Yin, Xinming, Li, Dun, Chang, Chin-Chen
Format Journal Article
LanguageEnglish
Published Abingdon Taylor & Francis 31.12.2022
Taylor & Francis Ltd
Taylor & Francis Group
Subjects
Accuracy
Classification
Communications traffic
Convolution
Deep learning
Feature extraction
feature fusion
hybrid parallel network
Intrusion detection systems
Machine learning
metric learning
multi-classification
Network intrusion detection
Websites
Online AccessGet full text

Cover

More Information
Summary:With the rapid development of network technology, a variety of new malicious attacks appear while attack methods are constantly updated. As the attackers exploit the vulnerabilities of popular third-party components to invade target websites, further improving the classification accuracy of malicious network traffic is the key to improving the performance of  abnormal traffic detection. Existing intrusion detection systems may suffer from incomplete feature extraction and low classification accuracy. Thus, this paper proposes an efficient hybrid parallel deep learning model (HPM) for intrusion detection based on margin learning. First, HPM constructs two parallel CNN architectures and fuses the spatial features obtained through full convolution. Secondly, the temporal information of the fused features is parsed separately using two parallel LSTMs. Finally, the extracted spatial-temporal features are fed into the CosMargin classifier for classification detection after global convolution and global pooling. Besides, this paper proposes an improved traffic feature extraction method, which not only reduces redundant features but also speeds up the convergence speed of the network. In the experiment, our HPM has achieved 99% detection accuracy of each malicious class, ranging from 5%-10% improvement with other models, which demonstrates the superiority of our proposed model.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0954-0091
1360-0494
DOI:10.1080/09540091.2021.2024509