A hybrid intrusion detection method based on multi-convolutional neural networks fusion and grey wolf optimizer
摘要
Network security is one of the main concerns of everyday communication via computer networks, and intrusion detection systems play a considerable role in guarding computer networks against cyber threats. Given that Machine Learning (ML) and Deep Learning (DL) approaches are fundamental to Intrusion Detection Systems (IDSs), creating a precise detection mechanism is complex, and there is still room for enhancing the performance of multi-class IDSs. Conventional approaches usually feed feature vectors into the model, collectively analyzing all the features, potentially making IDSs more complex. Hence, the primary objective of this paper is to develop an IDS by employing a fusion-based technique that utilizes multiple Convolutional Neural Networks (CNNs). To achieve this objective, it is imperative to carefully choose a suitable mix of input features and ascertain an adequate topology. Initially, the hyperparameters were fine-tuned, and the features within a unit window were grouped into clusters, with each cluster inputting into a CNN model. During the subsequent phase, features derived from the multi-CNN fusion-based method were fine-tuned using the Grey Wolf Optimizer (GWO) to produce the most favorable results. Ultimately, Gaussian Naive Bayes (GNB) was used to categorize various forms of attack. In this article, the NSL-KDD dataset was utilized to both train and test the model. The findings demonstrate that the KDDTest+ dataset achieved an accuracy of 89.51%, a precision of 81.56%, a recall of 84.67%, and an F1-score of 82.74%. The metrics for the KDDTest-21 dataset are as follows: 80.4, 71.92, 81.39, and 72.12. Hence, the findings indicate that the MCNN-GWO-GNB model is proficient in identifying network intrusions, and the architecture of multi-CNN fusion has the potential for further investigation in this domain.