Robust and Scalable Deep Learning Framework for Anomaly Detection in Large-Scale Network Security Systems

Authors

  • Gurbakhsis Singh, Meenakshi Bansal

Keywords:

Cybersecurity, Real-Time Detection, Intrusion Detection, IoT Security.

Abstract

With the rising complexity of cyber threats, scalable and intelligent intrusion detection systems are critical for safeguarding large-scale networks. Traditional signature-based methods often miss zero-day attacks, while classic machine learning struggles with high-dimensional traffic data. This study presents a deep learning framework for accurate anomaly detection using the CICIDS2018 dataset, which includes diverse modern attack patterns. The proposed system employs Convolutional Neural Networks (CNN), Long Short-Term Memory (LSTM) networks, and a hybrid CNN-LSTM model to extract both spatial and temporal features from traffic data. Among the models, CNN-LSTM achieved the highest accuracy of 98.8%, surpassing CNN (97.9%) and LSTM (98.2%). Classical models like Support Vector Machine (SVM) and K-Nearest Neighbours (KNN) lagged behind, each scoring 91.8%. These findings highlight the superiority of deep learning in detecting complex intrusions. Future work will focus on real-time implementation, reduced computational costs, and the adoption of explainable AI for better transparency and usability in IoT and edge computing scenarios.

DOI: https://doi.org/10.17762/ijisae.v12i17s.7685

Downloads

Download data is not yet available.

References

Chen, Y., Lin, Q., Wei, W., Ji, J., Wong, K. C., & Coello, C. A. C. (2022). Intrusion detection using multi-objective evolutionary convolutional neural network for Internet of Things in Fog computing. Knowledge-based systems, 244, 108505.

Xu, H., Sun, Z., Cao, Y., & Bilal, H. (2023). A data-driven approach for intrusion and anomaly detection using automated machine learning for the Internet of Things. Soft Computing, 27(19), 14469-14481.

Ponniah, K. K., & Retnaswamy, B. (2023). A novel deep learning based intrusion detection system for the IoT-Cloud platform with blockchain and data encryption mechanisms. Journal of Intelligent & Fuzzy Systems, 45(6), 11707-11724.

Huang, S., & Lei, K. (2020). IGAN-IDS: An imbalanced generative adversarial network towards intrusion detection system in ad-hoc networks. Ad Hoc Networks, 105, 102177.

Kanimozhi, V., & Jacob, T. P. (2019, September). Artificial intelligence-based network intrusion detection with hyper-parameter optimization tuning on the realistic cyber dataset CSE-CIC-IDS2018 using cloud computing. ICT Express, 5(3), 211–214.

Karatas Baydogmus, G., Demir, Y., & Sahingoz, O. (2020, February). Increasing the performance of machine learning-based IDSs on an imbalanced and up-to-date dataset. IEEE Access.

Khan, M. A. (2021). HCRNNIDS: Hybrid convolutional recurrent neural network-based network intrusion detection system. Processes, 9(5), 834.

Khraisat, A., Gondal, I., Vamplew, P., & Kamruzzaman, J. (2019, December). Survey of intrusion detection systems: Techniques, datasets and challenges. Cybersecurity, 2(1), 20.

Lan, Y., Truong-Huu, T., Wu, J., & Teo, S. G. (2022). Cascaded multi-class network intrusion detection with decision tree and self-attentive model. In 2022 IEEE International Conference on Data Mining Workshops (ICDMW) (pp. 1–7). IEEE.

Layeghy, S., Baktashmotlagh, M., & Portmann, M. (2023, August). DI-NIDS: Domain invariant network intrusion detection system. Knowledge-Based Systems, 273, 110626.

Lin, P., Ye, K., & Xu, C.-Z. (2019, June). Dynamic network anomaly detection system by using deep learning techniques. In Smart Computing and Communication (pp. 161–176).

Liu, L., Wang, P., Lin, J., & Liu, L. (2020). Intrusion detection of imbalanced network traffic based on machine learning and deep learning. IEEE Access, 9, 7550–7563.

Khan, N., C, N., Negi, A., & Thaseen, S. (2020). Analysis on improving the performance of machine learning models using feature selection technique. In Proceedings (pp. 69–77).

Kumar, V., Sinha, D., Das, A. K., Pandey, S. C., & Goswami, R. T. (2020). An integrated rule based intrusion detection system: Analysis on UNSW-NB15 data set and the real time online dataset. Cluster Computing, 23(2), 1397–1418.

Kwon, D., Kim, H., Kim, J., Suh, S. C., Kim, I., & Kim, K. J. (2019). A survey of deep learning-based network anomaly detection. Cluster Computing, 22, 949–961.

Basnet, R. B., Shash, R., Johnson, C., Walgren, L., & Doleck, T. (2019, November). Towards detecting and classifying network intrusion traffic using deep learning frameworks. Journal of Internet Services and Information Security, 9(4), 1–17.

Begum, A., Dhilip Kumar, V., Asghar, J., Hemalatha, D., & Arulkumaran, G. (2022, September). A combined deep CNN–LSTM with a random forest approach for breast cancer diagnosis. Complexity, 2022, 1–9.

Chawla, A., Lee, B., Fallon, S., & Jacob, P. (2019). Host-based intrusion detection system with combined CNN/RNN model. In C. Alzate et al. (Eds.), ECML PKDD 2018 Workshops (Vol. 11329, pp. 149–158). Springer.

Farhan, B. I., & Jasim, A. D. (2023). Improving detection for intrusion using deep LSTM with hybrid feature selection method. Iraqi Journal of Information and Communication Technology, 6(1), 40–50.

Ferrag, M. A., Maglaras, L., Moschoyiannis, S., & Janicke, H. (2020). Deep learning for cybersecurity intrusion detection: Approaches, datasets, and comparative study. Journal of Information Security and Applications, 50, 102419.

Fitni, Q. R. S., & Ramli, K. (2020, July). Implementation of ensemble learning and feature selection for performance improvements in anomaly-based intrusion detection systems. In 2020 IEEE International Conference on Industry 4.0, Artificial Intelligence, and Communications Technology (IAICT) (pp. 118–124). IEEE.

Gamage, S., & Samarabandu, J. (2020, November). Deep learning methods in network intrusion detection: A survey and an objective comparison. Journal of Network and Computer Applications, 169, 102767.

Gumusbas, D., Yildirim, T., Genovese, A., & Scotti, F. (2021, June). A comprehensive survey of databases and deep learning methods for cybersecurity and intrusion detection systems. IEEE Systems Journal, 15(2), 1717–1731.

Hagar, A. A., & Gawali, B. W. (2022). Implementation of machine and deep learning algorithms for intrusion detection system. In Intelligent Communication Technologies and Virtual Mobile Networks: Proceedings of ICICV 2022 (pp. 1–20). Springer.

Hua, Y. (2020). An efficient traffic classification scheme using embedded feature selection and LightGBM. In 2020 Information Communication Technologies Conference (ICTC) (pp. 125–130). IEEE.

Huang, S., & Lei, K. (2020). IGAN-IDS: An imbalanced generative adversarial network towards intrusion detection system in ad-hoc networks. Ad Hoc Networks, 105, 102177.

Latah, M., & Toker, L. (2018). Towards an efficient anomaly-based intrusion detection for software-defined networks. IET Networks, 7(6), 453–459.

Naseer, S., Saleem, Y., Khalid, S., Bashir, M. K., Han, J., Iqbal, M. M., & Han, K. (2018). Enhanced network anomaly detection based on deep neural networks. IEEE Access, 6(8), 48231–48246.

Rathore, S., & Park, J. H. (2018). Semi-supervised learning based distributed attack detection framework for IoT. Applied Soft Computing Journal, 72, 79–89.

Roshan, S., Miche, Y., Akusok, A., & Lendasse, A. (2018). Adaptive and online network intrusion detection system using clustering and extreme learning machines. Journal of the Franklin Institute, 355(4), 1752–1779.

Saad Alqahtani, A. (2021). FSO-LSTM IDS: Hybrid optimized and ensembled deep-learning network-based intrusion detection system for smart networks. The Journal of Supercomputing, 78, 9438–9455.

Downloads

Published

23.02.2024

How to Cite

Gurbakhsis Singh. (2024). Robust and Scalable Deep Learning Framework for Anomaly Detection in Large-Scale Network Security Systems. International Journal of Intelligent Systems and Applications in Engineering, 12(17s), 928 –. Retrieved from https://www.ijisae.org/index.php/IJISAE/article/view/7685

Issue

Vol. 12 No. 17s (2024)

Section

Research Article

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.

IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.