Deep learning-based feature extraction and optimizing pattern matching for intrusion detection using finite state machine

Abstract

Deep learning has gained popularity for feature extraction in the field of Network Intrusion Detection and Prevention System (NIDPS) to extract the patterns matching and secure the networks by detecting the unknown and malicious activities. The malicious activities and security attacks are disturbing the normal operations of networks. The new attacks are difficult to monitor due to their new features and pattern types. Different types of methods have been adopted for feature extraction and pattern matching. Deep learning is one of them and subfield of machine learning where it solves the optimization issues layer-wise by looking at the deep structure. On the other hand, pattern matching is another considerable method for intrusion detection due to its variety of applications. However, pattern matching methods are consuming more than 70% of the total running time and cause overhead. In this paper, we propose two methods including Deep Learning-based Feature Extraction (DLFE) and Optimization of Pattern Matching (OPM) for NIDPS systems to optimizes the pattern matching engine in intrusion detection. The experiments are performed by using the snort ruleset for pattern matching and obtained the results. The experiment results show the better performance of proposed methods in terms of time, throughput, and memory.