Intrusion detection systems using long short-term memory (LSTM)

An intrusion detection system (IDS) is a device or software application that monitors a network for malicious activity or policy violations. It scans a network or a system for a harmful activity or security breaching. IDS protects networks (Network-based intrusion detection system NIDS) or hosts (Host-based intrusion detection system HIDS), and work by either looking for signatures of known attacks or deviations from normal activity. Deep learning algorithms proved their effectiveness in intrusion detection compared to other machine learning methods. In this paper, we implemented deep learning solutions for detecting attacks based on Long Short-Term Memory (LSTM). PCA (principal component analysis) and Mutual information (MI) are used as dimensionality reduction and feature selection techniques. Our approach was tested on a benchmark data set, KDD99, and the experimental outcomes show that models based on PCA achieve the best accuracy for training and testing, in both binary and multiclass classification.

Automated summary

An Intrusion Detection System (IDS) is a device or software application that monitors networks for malicious activities, with deep learning algorithms proving effective in improving detection efficiency. In this study, PCA and Mutual information were utilized as dimensionality reduction and feature selection techniques for a deep learning attack detection model based on Long Short-Term Memory (LSTM). The experimental results on the KDD99 benchmark dataset demonstrated that PCA-based models achieved the highest accuracy in both training and testing for binary and multiclass classification.