A bidirectional LSTM deep learning approach for intrusion detection

Abstract

The rise in computer networks and internet attacks has become alarming for most service providers. It has triggered the need for the development and implementation of intrusion detection systems (IDSs) to help prevent and or mitigate the challenges posed by network intruders. Over the years, intrusion detection systems have played and continue to play a very significant role in spotting network attacks and anomalies. Numerous researchers around the globe have proposed many IDSs to combat the threat of network invaders. However, most of the previously proposed IDSs have high rates of raising false alarms. Additionally, most existing models suffer the difficulty of detecting the different attack types, especially User-to-Root (U2R) and Remote-to-Local (R2L) attacks. These two types of attacks often appear to have lower detection accuracy for the existing models. Hence, in this paper, we propose a bidirectional Long-Short-Term-Memory (BiDLSTM) based intrusion detection system to handle the challenges mentioned above. To train and measure our model’s performance, we use the NSL-KDD dataset, a benchmark dataset for most IDSs. Experimental results show and validate the effectiveness of the BiDLSTM approach. It outperforms conventional LSTM and other state-of-the-art models in terms of accuracy, precision, recall, and F-score values. It also has a much more reduced false alarm rate than the existing models. Furthermore, the BiDLSTM model achieves a higher detection accuracy for U2R and R2L attacks than the conventional LSTM.