Hybrid Intrusion Detection using MapReduce based Black Widow Optimized Convolutional Long Short-Term Memory Neural Networks

The recent advancements in information and communication technologies have led to an increasing number of online systems and services. These online systems can utilize Intrusion Detection Systems (IDS) to ensure their trustworthiness by preventing cyber security threats. Hence it has become necessary for any system to design advanced and intelligent IDS models. However, most existing IDS models are based on traditional machine learning algorithms with weak, shallow learning behaviours providing less efficient feature selection and classification performance of new attacks. Another problem is that these approaches are either Network-based or Host-based intrusion detection and it often leads to many known attacks being unrecognized by the detection module. Additionally, they lack flexible and scalable handling of the massive amounts of network traffic data due to high model complexity. To overcome these issues, an efficient hybrid IDS model is presented which is built using MapReduce based Black Widow Optimized Convolutional-Long Short-Term Memory (BWO-CONV-LSTM) network. The first stage of this IDS model is the feature selection by the Artificial Bee Colony (ABC) algorithm. The second stage is the hybrid deep learning classifier model of BWO-CONV-LSTM on a MapReduce framework for intrusion detection from the system traffic data. The proposed BWO-CONV-LSTM network is the combination of Convolutional and LSTM neural networks whose hyper-parameters are optimized by BWO to obtain the ideal architecture. Performance evaluations of the BWO-CONV-LSTM based IDS model are performed over the NSL-KDD, ISCX-IDS, UNSW-NB15, and CSE-CIC-ID52018 datasets. The results indicate that the proposed BWO-CONV-LSTM model has high intrusion detection performance with 98.67%, 97.003%, 98.667% and 98.25% accuracy for NSL-KDD, ISCX-IDS, UNSW-NB15, and CSE-CIC-ID52018 datasets respectively, with fewer false values, less computation time and better classification coefficients.

Automated summary

Recent advancements in information and communication technologies have led to a growing number of online systems and services. Therefore, it is necessary to design advanced and intelligent IDS models to ensure the trustworthiness of these systems. However, most existing IDS models based on traditional machine learning algorithms lack efficient feature selection and classification performance for new attacks. Additionally, they struggle with the recognition of known attacks and handling massive amounts of network traffic data. To address these issues, this paper presents an efficient hybrid IDS model built using the BWO-CONV-LSTM network. The model incorporates feature selection by the ABC algorithm and a hybrid deep learning classifier on a MapReduce framework. Performance evaluations demonstrate high intrusion detection accuracy and improved classification coefficients.