HEMA – IDS: A Hybrid Multi Architecture Ensemble IDS for Prediction of Malicious Network Traffic
摘要
The uninterrupted growth in the use of programs and software over the Internet can lead businesses, companies and individuals to potential exposure to serious cyber threats. Regarding the implementation of innovative technological solutions, the scientific community strives to develop approaches which would effectively guard the end users and end services from adversarial cyber threats. For the purpose of the research effort, the Kitsune Network attack dataset was used. The focus of this study is on enhancing networks’ security for the detection of 9 different Cyber Attacks versus normal flow by introducing an innovative Ensemble Model consisting of three (3) Hybrid Neural Networks (HNN) of different architectures. Each HNN comprises of a different combination of Artificial Neural Networks (ANN) components, namely Deep Neural Networks (DNN), Convolutional Neural Networks (CNN) and Recurrent Neural Networks with Long-Short Term Memories (RNN-LSTM) layers. The final prediction of the proposed process derives from a Custom Vote approach, following the Weighted Vote and the Majority Vote principles. HEMA – IDS was successfully validated on the aforementioned dataset with overall accuracy of 91,43% during the training phase and 89.95% during the testing phase. For the validation of the model, the 10-fold cross validation was used. Five classification indices (Sensitivity, Specificity, Accuracy, F1-Score and Precision) were calculated following the “One-Versus-All Strategy” for each class. The high values of the performance indices on the testing data, indicate a robust tool that can be used in real life to significantly reduce the exposure of the network’s users, paving the way for further research efforts.