A Hybrid parallel deep learning model for efficient intrusion detection based on metric learning

Abstract

With the rapid development of network technology, a variety of new malicious attacks appear while attack methods are constantly updated. As the attackers exploit the vulnerabilities of popular third-party components to invade target websites, further improving the classification accuracy of malicious network traffic is the key to improving the performance of abnormal traffic detection. Existing intrusion detection systems may suffer from incomplete feature extraction and low classification accuracy. Thus, this paper proposes an efficient hybrid parallel deep learning model (HPM) for intrusion detection based on margin learning. First, HPM constructs two parallel CNN architectures and fuses the spatial features obtained through full convolution. Secondly, the temporal information of the fused features is parsed separately using two parallel LSTMs. Finally, the extracted spatial-temporal features are fed into the CosMargin classifier for classification detection after global convolution and global pooling. Besides, this paper proposes an improved traffic feature extraction method, which not only reduces redundant features but also speeds up the convergence speed of the network. In the experiment, our HPM has achieved 99% detection accuracy of each malicious class, ranging from 5%–10% improvement with other models, which demonstrates the superiority of our proposed model.