An Optimized Hybrid Deep Intrusion Detection Model (HD-IDM) for Enhancing Network Security
Iftikhar Ahmad,
Muhammad Imran,
Abdul Qayyum,
Muhammad Sher Ramzan and
Madini O. Alassafi
Additional contact information
Iftikhar Ahmad: Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah 21589, Saudi Arabia
Muhammad Imran: Institute of Innovation, Science and Sustainability, Federation University Australia, 100 Clyde Rd, Berwick, VIC 3806, Australia
Abdul Qayyum: National Heart and Lung Institute, Imperial College, London SW7 2BX, UK
Muhammad Sher Ramzan: Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah 21589, Saudi Arabia
Madini O. Alassafi: Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah 21589, Saudi Arabia
Mathematics, 2023, vol. 11, issue 21, 1-24
Abstract:
Detecting cyber intrusions in network traffic is a tough task for cybersecurity. Current methods struggle with the complexity of understanding patterns in network data. To solve this, we present the Hybrid Deep Learning Intrusion Detection Model (HD-IDM), a new way that combines GRU and LSTM classifiers. GRU is good at catching quick patterns, while LSTM handles long-term ones. HD-IDM blends these models using weighted averaging, boosting accuracy, especially with complex patterns. We tested HD-IDM on four datasets: CSE-CIC-IDS2017, CSE-CIC-IDS2018, NSL KDD, and CIC-DDoS2019. The HD-IDM classifier achieved remarkable performance metrics on all datasets. It attains an outstanding accuracy of 99.91%, showcasing its consistent precision across the dataset. With an impressive precision of 99.62%, it excels in accurately categorizing positive cases, crucial for minimizing false positives. Additionally, maintaining a high recall of 99.43%, it effectively identifies the majority of actual positive cases while minimizing false negatives. The F1-score of 99.52% emphasizes its robustness, making it the top choice for classification tasks requiring precision and reliability. It is particularly good at ROC and precision/recall curves, discriminating normal and harmful network activities. While HD-IDM is promising, it has limits. It needs labeled data and may struggle with new intrusion methods. Future work should find ways to handle unlabeled data and adapt to emerging threats. Also, making HD-IDM work faster for real-time use and dealing with scalability challenges is key for its broader use in changing network environments.
Keywords: intrusion detection system; GRU; LSTM; classification; network security; knowledge discovery and data mining; false alarm
JEL-codes: C
Date: 2023
Downloads:
https://www.mdpi.com/2227-7390/11/21/4501/pdf (application/pdf)
https://www.mdpi.com/2227-7390/11/21/4501/ (text/html)
Persistent link: https://EconPapers.repec.org/RePEc:gam:jmathe:v:11:y:2023:i:21:p:4501-:d:1271596
Mathematics is currently edited by Ms. Emma He
Bibliographic data for series maintained by MDPI Indexing Manager.