A deep learning technique for intrusion detection system using a Recurrent Neural Networks based framework

In recent years, the spike in the amount of information transmitted through communication infrastructures has increased due to the advances in technologies such as cloud computing, vehicular networks systems, the Internet of Things (IoT), etc. As a result, attackers have multiplied their efforts for the purpose of rendering network systems vulnerable. Therefore, it is of utmost importance to improve the security of those network systems. In this study, an IDS framework using Machine Learning (ML) techniques is implemented. This framework uses different types of Recurrent Neural Networks (RNNs), namely, Long-Short Term Memory (LSTM), Gated Recurrent Unit (GRU) and Simple RNN. To assess the performance of the proposed IDS framework, the NSL-KDD and the UNSW-NB15 benchmark datasets are considered. Moreover, existing IDSs suffer from low test accuracy scores in detecting new attacks as the feature dimension grows. In this study, an XGBoost-based feature selection algorithm was implemented to reduce the feature space of each dataset. Following that process, 17 and 22 relevant attributes were picked from the UNSW-NB15 and NSL-KDD, respectively. The accuracy obtained through the test subsets was used as the main performance metric in conjunction with the F1-Score, the validation accuracy, and the training time (in seconds). The results showed that for the binary classification tasks using the NSL-KDD, the XGBoost-LSTM achieved the best performance with a test accuracy (TAC) of 88.13%, a validation accuracy (VAC) of 99.49% and a training time of 225.46 s. For the UNSW-NB15, the XGBoost-Simple-RNN was the most efficient model with a TAC of 87.07%. For the multiclass classification scheme, the XGBoost-LSTM achieved a TAC of 86.93% over the NSL-KDD and the XGBoost-GRU obtained a TAC of 78.40% over the UNSW-NB15 dataset. These results demonstrated that our proposed IDS framework performed optimally in comparison to existing methods.