TY - JOUR
T1 - A hybrid deep learning model for efficient intrusion detection in big data environment
AU - Hassan, Mohammad Mehedi
AU - Gumaei, Abdu
AU - Alsanad, Ahmed
AU - Alrubaian, Majed
AU - Fortino, Giancarlo
N1 - Publisher Copyright:
© 2019
PY - 2020/3
Y1 - 2020/3
N2 - The volume of network and Internet traffic is expanding daily, with data being created at the zettabyte to petabyte scale at an exceptionally high rate. These can be characterized as big data, because they are large in volume, variety, velocity, and veracity. Security threats to networks, the Internet, websites, and organizations are growing alongside this growth in usage. Detecting intrusions in such a big data environment is difficult. Various intrusion-detection systems (IDSs) using artificial intelligence or machine learning have been proposed for different types of network attacks, but most of these systems either cannot recognize unknown attacks or cannot respond to such attacks in real time. Deep learning models, recently applied to large-scale big data analysis, have shown remarkable performance in general but have not been examined for detection of intrusions in a big data environment. This paper proposes a hybrid deep learning model to efficiently detect network intrusions based on a convolutional neural network (CNN) and a weight-dropped, long short-term memory (WDLSTM) network. We use the deep CNN to extract meaningful features from IDS big data and WDLSTM to retain long-term dependencies among extracted features to prevent overfitting on recurrent connections. The proposed hybrid method was compared with traditional approaches in terms of performance on a publicly available dataset, demonstrating its satisfactory performance.
AB - The volume of network and Internet traffic is expanding daily, with data being created at the zettabyte to petabyte scale at an exceptionally high rate. These can be characterized as big data, because they are large in volume, variety, velocity, and veracity. Security threats to networks, the Internet, websites, and organizations are growing alongside this growth in usage. Detecting intrusions in such a big data environment is difficult. Various intrusion-detection systems (IDSs) using artificial intelligence or machine learning have been proposed for different types of network attacks, but most of these systems either cannot recognize unknown attacks or cannot respond to such attacks in real time. Deep learning models, recently applied to large-scale big data analysis, have shown remarkable performance in general but have not been examined for detection of intrusions in a big data environment. This paper proposes a hybrid deep learning model to efficiently detect network intrusions based on a convolutional neural network (CNN) and a weight-dropped, long short-term memory (WDLSTM) network. We use the deep CNN to extract meaningful features from IDS big data and WDLSTM to retain long-term dependencies among extracted features to prevent overfitting on recurrent connections. The proposed hybrid method was compared with traditional approaches in terms of performance on a publicly available dataset, demonstrating its satisfactory performance.
KW - Big data
KW - Convolution neural network
KW - Deep learning
KW - Intrusion detection
KW - Weight-dropped long short-term memory network
UR - http://www.scopus.com/inward/record.url?scp=85075368904&partnerID=8YFLogxK
U2 - 10.1016/j.ins.2019.10.069
DO - 10.1016/j.ins.2019.10.069
M3 - Article
AN - SCOPUS:85075368904
SN - 0020-0255
VL - 513
SP - 386
EP - 396
JO - Information Sciences
JF - Information Sciences
ER -