Title: Feature-driven intrusion detection method based on improved CNN and LSTM

Authors: Jing Zhang; Yufei Zhao; Jiawei Zhang; Lin Guo; Xiaoqin Zhang

Addresses: Tianjin Electronic Information College, Tianjin, 300072, China ' State Grid Smart Grid Research Institute Co. Ltd., Beijing, 102211, China ' National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing, 100029, China ' Huaneng Shandong Power Co. Ltd., Jinan, 250011, China ' Chongqing Communication Design Institute Co. Ltd., Network and Information Security Research Institute, Chongqing, 400041, China

Abstract: To make up the lack of detection capabilities of traditional machine learning methods, A network intrusion detection method based on improved convolutional neural network (CNN) and improved long- and short-term memory network (HMLSTM) is proposed. The proposed method is mainly divided into four steps, namely data pre-processing, feature extraction, model training and detecting. First, we use the normalisation technology to pre-process the data; and then we use the lion swarm optimisation (LSO) algorithm to optimise the hyperparameters of the CNN to form the optimal CNN (OCNN) structure, and combine HMLSTM model to extract the spatial and temporal features. Finally, we use the spatial-temporal feature vectors to train and detect the upper classifier of OCNN-HMLSTM. This paper selects three commonly used datasets to do lots of experiments. The results show that the proposed method significantly improves the accuracy of network intrusion detection, and other metrics.

Keywords: feature-driven; intrusion detection; convolutional neural network; CNN; long-short-term memory; LSTM.

DOI: 10.1504/IJICS.2024.142685

International Journal of Information and Computer Security, 2024 Vol.25 No.1/2, pp.1 - 17

Received: 16 Nov 2022
Accepted: 30 May 2023
Published online: 18 Nov 2024 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article