dc.description.abstract | Intrusion Detection Systems (IDS) play a vital role in detecting and thwarting harmful activities on the network. While traditional machine learning techniques have been employed in IDS, recent advancements in deep learning offer promising results for enhancing their performance. This study compares the effectiveness of various deep learning models applied to the CICIDS 2017 dataset, focusing on the impact of different sampling techniques on improving IDS efficiency and accuracy.
We evaluated seven deep learning models: CNN Simple, CNN Deep, ANN, DNN, LSTM, GRU, and a hybrid model that we named CLAttNet, which combines Convolution, LSTM, and Attention mechanisms. The name CLAttNet was chosen for the sake of convenience in this study. We also investigated the impact of five sampling configurations on the performance of each model: No Resampling, Selective Oversampling, Selective Undersampling, Combined Sampling (SMOTE+Selective Undersampling), and SMOTE.
We assessed the models using 5-fold cross-validation, measuring Precision, Recall, Accuracy, F1-Score, ROC-AUC, and Precision-Recall Curve AUC. Our findings demonstrate the potential of deep learning models to improve IDS performance: the CLAttNet model consistently outperforms the other models, delivering an F1-Score of 0.99288. Additionally, our experiments show that SMOTE is a highly effective sampling strategy that improves the performance of most, though not all, models, increasing IDS efficiency and accuracy.
This study advances the field by showcasing how deep learning models and sampling strategies can improve IDS performance. The results provide a strong basis for further investigation to create deep learning-based IDS solutions that are more effective, precise, and scalable. The applications of our research indicate that employing CLAttNet can increase the performance of the IDS, hence boosting the ability to defend against the constantly changing environment of cyber threats. | |