

Adaptive Anomaly Detection Framework Model Objects in Cyberspace.

Authors

Alkahtani Hasan, Aldhyani Theyazn H H, Al-Yaari Mohammed

Affiliations

College of Computer Science and Information Technology, King Faisal University, P.O. Box 4000, Al-Ahsa 31982, Saudi Arabia.

Community College of Abqaiq, King Faisal University, P.O. Box 4000, Al-Ahsa 31982, Saudi Arabia.

Publication information

Appl Bionics Biomech. 2020 Dec 9;2020:6660489. doi: 10.1155/2020/6660489. eCollection 2020.

Abstract

Telecommunication has registered strong and rapid growth in the past decade. Accordingly, the monitoring of computers and networks has become too complicated for network administrators. Hence, network security represents one of the most serious challenges faced by network security communities. Because e-banking, e-commerce, and business data are shared on computer networks, these data may face a threat from intrusion. The purpose of this research is to propose a methodology that will lead to high-level and sustainable protection against cyberattacks. In particular, an adaptive anomaly detection framework model was developed using deep learning and machine learning algorithms to manage automatically configured application-level firewalls. Standard network datasets were used to evaluate the proposed model, which is designed to improve the cybersecurity system. Deep learning based on a Long Short-Term Memory Recurrent Neural Network (LSTM-RNN) and the machine learning algorithms Support Vector Machine (SVM) and K-Nearest Neighbor (K-NN) were implemented to classify Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks. The information gain method was applied to select the relevant features from the network dataset. These network features were significant in improving the classification algorithm. The system was used to classify DoS and DDoS attacks in four standard datasets, namely KDD Cup'99, NSL-KDD, ISCX, and ICI-ID2017. The empirical results indicate that deep learning based on the LSTM-RNN algorithm obtained the highest accuracy. The proposed system based on the LSTM-RNN algorithm produced the highest testing accuracy rates of 99.51% and 99.91% with respect to the KDD Cup'99, NSL-KDD, ISCX, and ICI-ID2017 datasets, respectively. A comparative analysis of the results of the machine learning algorithms, namely SVM and K-NN, and the deep learning algorithm based on the LSTM-RNN model is presented. Finally, it is concluded that the LSTM-RNN model is efficient and effective in improving the cybersecurity system for anomaly-based detection.

