Objectives: Network Intrusion Detection System (NIDS) plays an important role in finding and preventing cyber-attacks, which helps to improve the entire security posture of an organization’s network infrastructure. The development of Deep Learning (DL) techniques possess the ability of IDS to detect attacks without delay and protects from intrusions even in real-time environment. Methods: The present study proposes an improved IDS framework called Enhanced Gated Recurrent Unit Hyper-Model combined Attention Bidirectional Long-Short Term Memory (EGHAB) approach, to effectively address the detection of attacks with maximum accuracy and minimal error rate. The proposed model is enhanced by using methods like numericalization and normalisation for pre-processing the input data, Genetic Algorithm (GA) for extracting intricate features from the input data, and the EGHAB classifier, which works on the principles of both Gated Recurrent Unit (GRU) and Bidirectional Long-Short Term Memory (BiLSTM) models along with attention mechanism. Findings: The EGHAB model efficiently learns the abnormal behaviour of network and classified the attack and non-attack data using the publicly available NSL-KDD dataset and a generated real time data set, scapy. And it achieved 99.94% accuracy over NSL KDD dataset during multiclass classification and 93.3% on real time data set with reduced Error rate. Additionally, to examine the efficacy, the proposed approach is compared with other existing methods and proved its improved performance. Novelty: A combined ensemble classifier with GRU, BiLSTM and attention mechanism is designed to predict the attacks in earlier stage rather than due over. The model achieved better accuracy and reduced false assumption using anomaly prediction mechanism. Keywords: Cyber Attack, Anomaly Detection, Deep learning, Gated Recurrent Unit, Bi Directional Long-Short Term Memory, Attention mechanism
Read full abstract