Hybrid weight deep belief network algorithm for anomaly-based intrusion detection system

• Auteur principal: Maseer, Ziadoon Kamil
• Format: Thèse
• Langue: anglais; anglais
• Publié: 2022
• Sujets: Q Science (General)
• Accès en ligne: http://eprints.utem.edu.my/id/eprint/28241/1/Hybrid%20weight%20deep%20belief%20network%20algorithm%20for%20anomaly-based%20intrusion%20detection%20system.pdf; http://eprints.utem.edu.my/id/eprint/28241/2/Hybrid%20weight%20deep%20belief%20network%20algorithm%20for%20anomaly-based%20intrusion%20detection%20system.pdf

With an increasing number of recent services connected to the Internet, including cloud computing and Internet of Things systems, cyber-attacks have become more challenging. The deep learning approach plays a pertinent role in tracing new attacks in cybersecurity. Recently, researchers suggested a deep belief network (DBN) algorithm to construct and build a network intrusion detection system (NIDS) for detecting attacks that have not been seen before. However, the current DBN.NIDS model is still ineffective for large-scale real-world data due to some issues: 1) the pre-training of the DBN algorithm includes simple feature learning which does not work very well to extract important features from the attack data, 2) the classification task of the DBN algorithm is a poor detection for imbalanced class dataset and 3) the design of the DBN model could be weak and need to be continuously updated by modern definitions of abnormal to detect recent attacks. In this study, the Deep Belief Network algorithm was optimized and constructed to design an effective NIDS anomaly model. The optimized DBN algorithm, known as the HW-DBN algorithm, integrated through feature learning based on a Gaussian–Bernoulli Restricted Boltzmann Machine as well as classification task through a weight neuron network. The effectiveness of HW-DBN.NIDS was validated with real-world datasets that contained multiple attack types, complex data patterns, noise values, and imbalanced classes. A comparative analysis presented an HW-DBN.NIDS which was able to extract important features and detect the low frequency of modern attacks undetectable by other models. The results showed the proposed anomaly IDS model that outperformed the three models by achieving a higher recognition accuracy of 99.38%, 99.99%, and 1.00 for the Web, bot, and bot-IoT attacks in CICIDS2017 and CSE-CIC-IDS2018 dataset, respectively. In future, the HW-DBN algorithm can be proposed as an integrated deep Learning for the classification performance of attack detection models.