Article: Hybrid CNN-LSTM model combined with feature selection and SMOTE for detection of network attacks Journal: International Journal of Sensor Networks (IJSNET) 2023 Vol.43 No.4 pp.208 - 222 Abstract: Due to the continued and unabated increase in the number of cyber-attacks, the need for improved network security architecture is more apparent. The deep learning approach plays a pivotal role by classifying network traffic and identifying malicious records. However, this approach is often met with twin challenges of the high dimensionality of data and imbalanced ratio of attack labels within the data. To mitigate these issues and achieve a better detection rate, this research has proposed a new intrusion detection framework based on three main components; feature selection, oversampling, and hybrid CNN-LSTM classifier. This study deployed information gain, chi-square, basic methods, L1 regularisation, and random forest classifier as five feature selection methods and SMOTE for handling class imbalance. The experimental results, conducted using the CICIDS2017 dataset, have shown that the proposed model has demonstrated better performance in the detection of network attacks with more than 99% detection rate. Results established that number of features can be significantly reduced without altering the accuracy and oversampling has helped in improving the detection rate of minority attack labels. Inderscience Publishers - linking academia, business and industry through research

Title: Hybrid CNN-LSTM model combined with feature selection and SMOTE for detection of network attacks

Authors: Kuljeet Singh; Amit Mahajan; Vibhakar Mansotra

Addresses: Department of Computer Science and IT, University of Jammu, J&K, India ' Department of Computer Science and IT, University of Jammu, J&K, India ' Department of Computer Science and IT, University of Jammu, J&K, India

Abstract: Due to the continued and unabated increase in the number of cyber-attacks, the need for improved network security architecture is more apparent. The deep learning approach plays a pivotal role by classifying network traffic and identifying malicious records. However, this approach is often met with twin challenges of the high dimensionality of data and imbalanced ratio of attack labels within the data. To mitigate these issues and achieve a better detection rate, this research has proposed a new intrusion detection framework based on three main components; feature selection, oversampling, and hybrid CNN-LSTM classifier. This study deployed information gain, chi-square, basic methods, L1 regularisation, and random forest classifier as five feature selection methods and SMOTE for handling class imbalance. The experimental results, conducted using the CICIDS2017 dataset, have shown that the proposed model has demonstrated better performance in the detection of network attacks with more than 99% detection rate. Results established that number of features can be significantly reduced without altering the accuracy and oversampling has helped in improving the detection rate of minority attack labels.

Keywords: network attacks; feature selection; convolution neural network; CNN; long-short-term memory LSTM; SMOTE; CICIDS2017.

DOI: 10.1504/IJSNET.2023.135851

International Journal of Sensor Networks, 2023 Vol.43 No.4, pp.208 - 222

Received: 10 May 2023
Accepted: 05 Sep 2023
Published online: 08 Jan 2024 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: Hybrid CNN-LSTM model combined with feature selection and SMOTE for detection of network attacks

Keep up-to-date