See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/383172912

Enhancing Network Security: Intrusion Detection Systems with Hybridized CNN

and DNN Algorithms

Conference Paper · April 2024

DOI: 10.1109/SEB4SDG60871.2024.10630078

CITATION READS
1 46

6 authors, including:

Akande Hakeem Babalola Charles Awoniyi

University of Ilorin Lamar University
25 PUBLICATIONS 61 CITATIONS 3 PUBLICATIONS 3 CITATIONS

SEE PROFILE SEE PROFILE

Roseline Ogundokun Osuolale Abdulrahamon Tiamiyu

Landmark University University of Ilorin
203 PUBLICATIONS 2,348 CITATIONS 15 PUBLICATIONS 11 CITATIONS

SEE PROFILE SEE PROFILE

All content following this page was uploaded by Akande Hakeem Babalola on 26 November 2024.

The user has requested enhancement of the downloaded file.

2024 International Conference on Science, Engineering and Business for Driving Sustainable Development Goals (SEB4SDG) | 979-8-3503-5815-5/24/$31.00 ©2024 IEEE | DOI: 10.1109/SEB4SDG60871.2024.10630078

Enhancing Network Security: Intrusion Detection

Systems with Hybridized CNN and DNN Algorithms
1st Hakeem Babalola Akande 3rd Roseline Oluwaseun
Department of 2nd
Charles Awoniyi Ogundokun
Telecommunication Science Bupa Insurance Sevices, London, Department of Computer Science, 4th Ayopo Abdulkarim Oloyede
University of Ilorin United Kingdom. Landmark University Omu Aran, Department of
Ilorin, Nigeria [email protected] Nigeria. Telecommunication Science
[email protected] Department of Multimedia University of Ilorin
Engineering, Kaunas University Ilorin, Nigeria
of Technology, Kaunas, [email protected]
Lithuania.
[email protected],
[email protected], [0000-0002-2592-2824]
5th Osuolale Abdramon Yiamiyu
Department of 6th Adeniran Temitayo Caroline
Telecommunication Science Department of
University of Ilorin Telecommunication Science
Ilorin, Nigeria University of Ilorin
[email protected] Ilorin, Nigeria.
[email protected]

Abstract— Networks are vital in modern life. Cybersecurity is I. INTRODUCTION

essential for ensuring the security of network information. A
comprehensive network monitoring mechanism that detects and Intrusion detection systems refer to computer code programs
identifies all potential technological problems and infrastructure that facilitate carefully analyzing networking data to identify
issues on the node. While several existing systems are available, potential malicious assaults or violations of regulatory standards
they still encounter challenges in accurately detecting [1]. The primary duty for addressing incursion actions or
vulnerabilities and effectively reducing vigilance to identify breaches is with the network engineer. The escalation of online
intrusion attacks. The popularity of machine learning (ML) is attacks has led to the increased importance of intrusion detection
increasing. An all-encompassing approach to conceptualize systems inside the security infrastructure of many organizations
inventive infiltration with an unexpected structure. The machine [2, 3]. While monitoring networks for potentially harmful
learning approach identifies and differentiates between activity is essential, intrusion detection systems are well known
information derived from expertise and knowledge considered for their high sensitivity to false positives [4]. Consequently,
traditional or unorthodox. This research presents a unique organizations seek an affordable intrusion detection system that
method for enhancing intrusion detection using a hybrid can effectively identify many threats [5].
algorithm that combines the convolutional neural network (CNN)
and deep neural network (DNN). The intended Intrusion Firewalls and Intrusion Detection Systems (IDS) are often
Detection System (IDS) paradigm categorizes all packets to conflated. There exists a significant degree of variation among
identify network intrusions and classify them as either normal or various groups. A security system is essential as it is a protective
malicious. The accuracy of CNN was much higher than other measure that secures company data flow and mitigates the risk
classifiers, achieving a result of 99.18%. The five commonly used of unauthorized intrusions [6, 7]. In contrast, intrusion detection
measures for evaluating IDS performance are accuracy, precision, systems (IDS) are used to ascertain whether the network is being
recall, f1-score, and false positive rate (FPR). Ultimately, the attacked or if the firewall's obligatory security measures have
research suggests exploring the capabilities of hybrid CNN and been compromised [8, 9]. The importance of networking in our
DNN algorithms in different network settings. To enhance the everyday lives lies in its ability to facilitate the seamless
practical implementation and acceptance of cybersecurity
transmission of information. However, it is worth noting that
frameworks, it is recommended to undertake comparison studies
with current IDS approaches and consider real-world deployment
during data transfer, many obstacles may arise on the screen,
situations and scalability. This study is anticipated to make a potentially compromising the sensitivity of the computer screen
substantial contribution to the subject and is likely to interest both [10]. The Cyberscreen mode protects against benign intrusions
academic and industry practitioners. into computer networks, including antivirus programs and
gateways. These devices lack sufficient power to generate an
Keywords—Intrusion detection system, Machine learning, DNN, entirely novel mode of operation. The Anomaly Identification
CNN, Network security Service is well recognized for its ability to enhance integrity.

XXX-X-XXXX-XXXX-X/XX/$XX.00 ©20XX IEEE

Authorized licensed use limited to: University of Johannesburg. Downloaded on August 17,2024 at 09:25:56 UTC from IEEE Xplore. Restrictions apply.
Intrusion Detection Systems (IDS) include identifying, hiding, 4. The proposed technique for intrusion detection in
and analyzing all vulnerabilities in software programs and network systems substantially contributes to
network configurations [11]. cybersecurity.
The responsibility for network security lies with network The remaining part of the article is summarized as follows:
administrators and screening authorities, who are tasked with section 2 presents reviewed related works. The materials and
providing a secure environment for authorized users and methods used for the implementation are discussed in section 3.
safeguarding the internet service, sensitive information, and user Section 4 illustrates the results and their interpretations deduced
credentials. The reliance on online services has been more from the implementation conducted. The study is concluded in
prevalent among individuals, leading to a steady escalation in section 5.
their utilization. The impact of security breaches on individuals
in contemporary society is significant. Therefore, it is essential II. RELATED WORK
to develop efficient preventive strategies to protect users from Several research has shown that the intrusion detection
vulnerabilities that make them prone to assaults [12, 13]. model uses three main techniques: deep learning, traditional
Network Intrusion Detection Systems (NIDS) refer to system machine learning, and pattern similarity. In recent years, deep
designs used to identify and detect harmful activities inside a learning's popularity has skyrocketed to unprecedented levels.
network [12, 14]. Two primary categories of network intrusion Pattern similarity models were first put to use mainly for breach
detection systems exist: Signature-based Network Intrusion detection. A significant number of them make use of attribute
Detection Systems (SNIDS) and Anomaly Detection-based similarity to apply patterns that are comparable to their primary
Network Intrusion Detection Systems (ADNIDS). Intrusion core learning algorithm [15, 16]. Many frameworks have been
detection systems (IDS), or SNIDS, are designed to identify and used in the past and are well-established. The Knuth-Morris-
prevent unwanted access or intrusions by comparing patterns on Pratt (KMP) model, the Boyer-Moore (BM) model, the Boyer-
the characteristics for which they have been trained. The Moore-Harspool (BMH) model, the Boyer-Moore-Harspool-
ADNIDS system can detect anomalies by identifying deviations Sunday (BMHS) model, the Aho-Corasiek (AC) model, and the
from the typical traffic pattern [12]. Due to its susceptibility to AC-BM model are some examples of other models.
generating false alarms, using Anomaly-based Network
Intrusion Detection Systems (ADNIDS) is sometimes seen as Based on the findings of the trials, an efficient method for
less favourable than Signature-based Network Intrusion performing pattern similarity computations was identified and
Detection Systems (SNIDS) to detect network intrusions. The implemented. The commonplace concept of pattern similarity,
use of several artificial intelligence methodologies constitutes however, has a significant defect. They don't understand how
the primary tactics employed in the field of SNIDS. Machine intrusion detection systems function. The fundamental purpose
learning methods have been used to create Network Intrusion of this research is to build a cheap algorithm that can cut down
Detection Systems (NIDS) for anomaly detection, owing to their on both the time and money spent on false positives.
ability to efficiently and effectively identify patterns from Using a multi-algorithm paradigm to search for intrusion
historical data. However, a limitation of machine learning detection activities, Denning [17] was the first to demonstrate
methods is their dependence on training and testing using that IDS computers could learn. An expert has concluded that
datasets that may include distinct characteristics compared to the the model must have manually crafted the pattern of those
new datasets to which they are subsequently applied. This characteristics. An SVM-based contemporary machine-learning
observation catalyzes further exploration into deep learning model was developed [18]. Using KDD99 datasets, the
techniques, which exhibit considerable potential due to their experiment found three features with 91% accuracy, thirty-six
resilience and effectiveness in addressing issues characterized features with 99% accuracy, and forty-one features with 99%
by numerous characteristics [12]. accuracy, respectively.
Hence, this study proposed a hybrid algorithm combining The KNN algorithm and other traditional machine-learning
Convolutional Neural Network (CNN) and Deep Neural techniques improved an earlier model. Both the K-means
Network (DNN) for intrusion detection. The primary objective clustering approach and the K-nearest neighbours classifier were
of this novel methodology is to improve the precision of IDS by used to develop this model [19]. The most advanced intrusion
classifying network packets into either normal or malicious detection system (IDS) intelligence machine for malware
categories. By doing so, it effectively tackles the difficulties detection is CANN, which was created from this architecture.
associated with accurately detecting vulnerabilities, reducing For even better results using a convolutional neural network
vigilance, and recognizing intrusion attempts. The main (CANN), another piece of research [19, 20] advises combining
contribution of the study is listed as follows: a traditional classifier with a random forest. With an accuracy of
1. Introduction of a novel hybrid algorithm combining 94.7%, the hybrid model, which used random forest as its main
CNN and DNN. classifier machine, obtained better results than the competitors.
It has been proposed that the use of an artificial neural network
2. Addressing the challenges related to the accuracy of (ANN) might be advantageous for a random forest (RF) [21].
detecting vulnerabilities in network security. When applied to NSL-KDD, the ANN model attained an
3. This study uses machine learning techniques to identify accuracy of over 81% and a classification rate of 79% for
trends and differentiate between conventional and malicious detection and network attack classification,
atypical data effectively. respectively. The model reached both of these results. The NSL-
KDD framework has inspired a Decision tree (DT) intrusion

Authorized licensed use limited to: University of Johannesburg. Downloaded on August 17,2024 at 09:25:56 UTC from IEEE Xplore. Restrictions apply.
detection model that has been presented [23]. The trial results III. MATERIALS AND METHODS
were available online, and it was determined that DT's
performance on the IDS detection classification task proved A. Description of Dataset
satisfactory. The explanation before this one suggests that The NSL dataset was created by Tavallaee et al. in [32] using
identifying threats to intrusion detection systems (IDS) may be information from the KDDCUP'99 database. The KDD-NSL
significantly enhanced by increasing traditional machine detection technique is evaluated more often in KDDCUP'99
learning. On the other hand, the majority of them needed since it was developed earlier. However, the KDDCUP'99
extensive attribute extraction and a significant amount of pre- record tends to add repeated records and has some unnecessary
processing that was scaled up. The use of a machine-learning tuples. Reference: Tavallaee et al. [32] After KDDCUP'99,
classification strategy cannot manage large amounts of data NSL-KDD files are often required for resolution recording.
pertaining to incursions. NSL-KDD recordings have been considered equivalent to other
records ever since. A membership vector A with 41 choices and
Deep learning, a new kind of neural network with a highly labels may represent each item in the NSL-KDD record. The
complex network topology, was initially developed in the early forty-one capabilities are classified into three classes. The same
2010s. When applied to classifying images, deep learning server and service capabilities, including prioritizing traffic as
showed exceptional performance. In addition, deep learning has the primary function. The class identifier is the class to which
become the gold standard for a wide range of CS-related the stream is directed. Types of Intruders: There are four distinct
problems, such as image processing [24], speech recognition assault methods. DoS, Probing, U2R, and R2L. There are four
[25], LSTM [26], SDAE [27], and Word embedding and LSTM files in NSL-KDD. There are now two hundred iterations of
[28]. KDD Train+ available: the 20 percent KDD Train+ and the 21st
Ref [29] proposed the usage of an auto-encoder-based deep iteration of the KDD Test. His KDDTest+ set, however, may be
learning model. Utilizing the assistance of NSL-KDD, they KDDTest-21. The 21st disc is included in this. KDD Train+,
examined the self-taught learning (STL) paradigm. The subject KDD Test+, and KDD Test 21 are data sets that demonstrate the
may be divided into two main process groups, which will be model mixing capabilities enabled by CNN formulae.
explained in depth later on. Before proceeding with the compact B. Data Pre-processing
attribute representation approach, it is crucial to train a dataset
containing unlabelled data. Subsequently, the labelled data will Data preparation plays a crucial role in the creation of machine
be used to train the learning representation features, which can learning models, particularly in the context of intrusion
then be utilized to classify IDS tasks. The experiment used the detection systems. The procedure, as mentioned earlier,
STL method, with groups ranging from two classes to twenty- encompasses the act of purifying and converting unprocessed
three. The results indicate that STL obtained an accuracy rate of data into a format suitable for analysis, hence exerting a direct
88.39%, whilst the 5-class classification produced an accuracy influence on the precision of the detection system. The process
rate of 79.10%. consists of several stages: data collection, where a variety of data
sources are gathered for analysis; data cleaning, which involves
A deep learning model was developed by fusing deep belief addressing missing values and outliers to improve data quality;
networks (DBNs) with probabilistic neural networks [30]. DBN data transformation, which ensures consistent scaling and
is responsible for transforming data from low-dimensional encoding to avoid biased model training; feature selection,
representations to non-linear representations without losing which reduces complexity and prevents overfitting by focusing
essential features of the original data. Particle swarm on essential features; feature engineering, which involves
optimization is used to fine-tune the learning of the hidden layer. creating new features to capture intricate data patterns; data
Last, probabilistic neural network (PNN) detection is used in splitting, which divides the dataset into training and testing sets
IDS detection. Experiments showed that DBN-PNN attained an to assess the model's performance on unseen data; handling
accuracy rate of 93.25%. Compared to prior work that used a imbalanced data, which involves employing techniques to
PCA technique to improve dimensional reduction and address skewed class distribution for unbiased predictions; and
combination in conjunction with probabilistic neural networks data visualization, which utilizes charts and graphs to gain
(PNN), DBN-PNN performed much better. insights into data patterns and assist with feature selection.
For the IDS challenge, another research presented a deep C. Deep Learning Models
learning model based on a deep belief network (DBN) [31]. This
Prior research has shown the potential of various machine
approach incorporates two crucial procedures: They took two
learning techniques in accurately predicting incursion on NSL
measures: First, a restricted Boltzmann machine (RBM) was
KDD datasets. Nevertheless, due to the elevated risk of false
used for incremental learning; second, the hidden layer vector
positives in shallow learning, this research focuses on deep
was inferred from the known layer vector. The vector manifest
learning techniques, which belong to a subfield of machine
for the next layer represents the hidden layer. The final RBM
learning that enhances and propels shallow learning. Deep
method's output vector is used as an input vector in both
learning enables the modelling of intricate connections and ideas
processes, which merge backpropagation networks formed by
via the use of multiple representations [33]. This study included
the technique. The DBM model is 95.25 percent accurate in its
the combination of Convolutional Neural Networks (CNN) and
measurements. This achieves a performance boost of 89.07%
Deep Neural Networks (DNN) to create an Intrusion Detection
compared to backpropagation and an increase of 91.36%
System (IDS).
compared to SVM.

Authorized licensed use limited to: University of Johannesburg. Downloaded on August 17,2024 at 09:25:56 UTC from IEEE Xplore. Restrictions apply.
D. Proposed Hybrid CNN and DNN
As developed, the Hybrid CNN and DNN model embodies an
intricate amalgamation of spatial and sequential data processing
techniques to enhance intrusion detection capabilities. The
hybrid technique shown in this study combines the spatial
feature extraction capabilities of CNNs with the ability of DNNs
to capture sequential relationships, resulting in a more
sophisticated solution. CNN have exceptional proficiency in
identifying intricate patterns within network data. On the other
hand, DNNs, especially those with recurrent layers such as long
short-term memory (LSTM) networks, successfully capture
temporal associations. Combining many components enables
the model to effectively evaluate network data, improving
precision in identifying complex intrusion patterns. The hybrid
model enhances accuracy and generalization while mitigating
false positives, making it a robust tool for real-time intrusion
detection in cybersecurity applications. Thorough data
preparation and meticulous hyperparameter adjustment are
necessary to optimize the hybrid model's efficiency and
usefulness within a realistic context. Figure 1 shows the
framework for the proposed system.
The algorithm of the proposed model is found below
1. Conv1D Layer (CNN): Extracts features using
convolutional filters.
• Filters: 64
• Kernel size: 3
• Activation: ReLU
• Padding: "same"
Fig. 1. Proposed Hybrid System Framework.
• Input shape: (122, 1)
2. MaxPooling1D Layer (CNN): Performs max pooling to IV. RESULTS AND DISCUSSION
reduce the spatial dimensions of the output volume.
The preparation of data is a crucial aspect of the
3. BatchNormalization Layer (CNN): Normalizes the implementation of deep learning algorithms. The first obstacle
activations of the previous layer at each batch. was converting the class names into categories representing four
4. Flatten Layer (CNN): Flattens the 3D output to 1D to distinct assault kinds. The raw data was divided into five
prepare for Dense layers. different groups, one of which was labelled as "normal." We
used a 3-fold cross-validation technique to partition the data for
5. Dense Layer (DNN): 128 units with ReLU activation. validation purposes. Subsequently, the data underwent
6. Dense Layer (DNN): 64 units with ReLU activation. normalization and pre-processing in a scalar format to serve as
input for the neural networks.
7. Dense Layer (Output Layer): 5 units with softmax
activation for multi-class classification. The accuracy of the CNN model, as created by CNN, was
observed to be 98.97% without any hyperparameter adjustment.
Following experimental protocols, the epoch size for each
approach was established at 50. It has been discovered that the
Deep Neural Network (DNN) achieved a level of accuracy up to
99.15%. The hybrid CNN-DNN model exhibited high similarity
to the DNN model. The model had a peak accuracy rate of
99.18%. Our study used a 3x3 filter size for the CNN-DNN
model, resulting in a remarkable accuracy rate of 99.18%. The
combination of Convolutional Neural Network (CNN) and Deep
Neural Network (DNN), with a Softmax activation function,
exhibits superior performance compared to other methods. This
is shown by reaching an accuracy rate of 99.18%, as seen in
Figure 2. The Relu function was used for the convolutional
layer, while the Softmax function was utilized as the activation
function for 50 epochs. The confusion matrix for all the models
is shown in Figure 3. Figure 4 and Figure 5 show the Receiver
Operating Characteristics (ROC) and precision-recall curves,

Authorized licensed use limited to: University of Johannesburg. Downloaded on August 17,2024 at 09:25:56 UTC from IEEE Xplore. Restrictions apply.
respectively. These curves represent the data of the algorithms
that have attained the best accuracy. We conducted many
iterations of kernel widths and pooling lengths to get optimal
outcomes.

(a)

(b)

(b)

(c)
Fig. 2. Implemented Models Accuracy and Entropy Losses.

(c)

Fig. 3. Implemented Models Confusion Matrix

(a)

(a)

Authorized licensed use limited to: University of Johannesburg. Downloaded on August 17,2024 at 09:25:56 UTC from IEEE Xplore. Restrictions apply.
 (b) (b)

(c) (c)

Fig. 4. Implemented Models of ROC curves Fig. 5. Implemented Models Precision-Recall Curves

V. CONCLUSION
This study demonstrates the efficacy of a hybrid model
combining Convolutional Neural Network (CNN) and Deep
Neural Network (DNN) for network intrusion detection.
Remarkable levels of precision were attained on a conventional
NSL-KDD dataset without using any hyperparameter tweaking
techniques. This study demonstrates that deep learning
techniques have considerable potential and efficacy in anomaly
detection and intrusion prevention domains. Our future
endeavors include designing trials to refine this hybrid
technique to achieve enhanced levels of accuracy. Additionally,
we want to conduct experiments using the algorithm on a
functioning network.
REFERENCES
[1] R. O. Ogundokun, M. Odusami, D. Sisodia, J. B. Awotunde & D. P.
(a) Tiwari, (2022, October). A Novel PCA-Logistic Regression for Intrusion
Detection System. In International Conference on Information Systems

Authorized licensed use limited to: University of Johannesburg. Downloaded on August 17,2024 at 09:25:56 UTC from IEEE Xplore. Restrictions apply.
 and Management Science (pp. 575-588). Cham: Springer International Management and Application (SKIMA 2014), pp 1-6, 2015, doi:
Publishing. 10.1109/SKIMA.2014.7083539.
[2] G. Bottazzi & G. Me (2015). A survey on financial botnets threat. In [19] E. Sandhya and A. Kumarappan, "Enhancing the Performance of an
Global Security, Safety and Sustainability: Tomorrow's Challenges of Intrusion Detection System Using Spider Monkey Optimization in IoT",
Cyber Security: 10th International Conference, ICGS3 2015, London, Int. J. Intell. Eng. Syst., Vol. 14, No. 6, pp. 30–39, 2021, doi:
UK, September 15-17, 2015. Proceedings 10 (pp. 172-181). Springer 10.22266/ijies2021.1231.04.
International Publishing. [20] J. Zhang, M. Zulkernine, and A. Haque, "Random-forests-based network
[3] S. Yeom & K. Kim (2019). Detail analysis on machine learning-based intrusion detection systems", IEEE Trans. Syst. Man Cybern. Part C Appl.
malicious network traffic classification. In Proc. Int. Conf. Smart Media Rev., Vol. 38, No. 5, pp. 649–659, 2008, doi:
Appl (pp. 49-53). 10.1109/TSMCC.2008.923876.
[4] R. O. Ogundokun, J. B. Awotunde, P. Sadiku, E. A. Adeniyi, M. Abiodun [21] B. Ingre and A. Yadav, "Performance analysis of NSL-KDD dataset using
& O. I. Dauda (2021). An enhanced intrusion detection system using ANN", In: Proc. of Int. Conf. Signal Process. Commun. Eng. Syst. Proc.
particle swarm optimization feature extraction technique. Procedia SPACES 2015, Assoc. with IEEE, pp. 92–96, Mar. 2015, doi:
Computer Science, 193, 504-512. 10.1109/SPACES.2015.7058223.
[5] S. Ullah, M. A. Khan, J. Ahmad, S. S. Jamal, Z. e Huma, M. T. Hassan, [22] B. Ingre, A. Yadav, and A. K. Soni, "Decision Tree Based Intrusion
... & W. J. Buchanan (2022). HDL-IDS: a hybrid deep learning Detection System for NSL-KDD Dataset", Smart Innov. Syst. Technol.,
architecture for intrusion detection in the Internet of Vehicles. Sensors, Vol. 84, pp. 207–218, 2017, doi: 10.1007/978-3-319-63645-0_23.
22(4), 1340. [23] Hanafi, A. Pranolo, and Y. Mao, "Cae-covidx: Automatic covid-19
[6] Y. Otoum, D. Liu, & A. Nayak. (2022). DL‐IDS: a deep learning–based disease detection based on x-ray images using enhanced deep
intrusion detection framework for securing IoT. Transactions on convolutional and autoencoder", Int. J. Adv. Intell. Informatics, Vol. 7,
Emerging Telecommunications Technologies, 33(3), e3803. No. 1, pp. 49–62, 2021, doi: 10.26555/ijain.v7i1.577.
[7] R. O. Ogundokun, S. Misra, A. N. Babatunde & S. Chockalingam (2022, [24] Hanafi, A. Suryana and A. S. B. H. Basari, "Paper Survey and Example
May). Cyber intrusion detection system based on machine learning of Collaborative Filtering Implementation in Recommender System", J.
classification approaches. In 2022 International Conference on Applied Theor. Appl. Inf. Technol., Vol. 95, No. 16, 2017.
Artificial Intelligence (ICAPAI) (pp. 1-6). IEEE. [25] Hanafi, N. Suryana, and A. S. B. H. Basari, "Convolutional-NN and word
[8] S. Sengan, O. I. Khalaf, D. K. Sharma & A. A. Hamad (2022). Secured embedding for making an effective product recommendation based on
and privacy-based IDS for healthcare systems on E-medical data using enhanced contextual understanding of a product review", Int. J. Adv. Sci.
machine learning approach. International Journal of Reliable and Quality Eng. Inf. Technol., Vol. 9, No. 3, pp. 1063–1070, 2019, doi:
E-Healthcare (IJRQEH), 11(3), 1-11. 10.18517/ijaseit.9.3.8843.
[9] R. O. Ogundokun, U. Basil, A. N. Babatunde, A. T. Abdulahi, A. R. [26] Hanafi, N. Suryana, and A. S. H. Basari, "Deep Contextual of Document
Adenike & A. A. Adebiyi. (2023, April). Intrusion Detection Systems Using Deep LSTM Meet Matrix Factorization to Handle Sparse Data:
Based on Machine Learning Approaches: A Systematic Review. In 2023 Proposed Model", J. Phys. Conf. Ser., Vol. 1577, No. 1, 2020, doi:
International Conference on Science, Engineering and Business for 10.1088/1742-6596/1577/1/012002.
Sustainable Development Goals (SEB-SDG) (Vol. 1, pp. 01-04). IEEE. [27] Hanafi and B. M. Aboobaider, "Word Sequential Using Deep LSTM and
[10] F. Ullah, S. Ullah, G. Srivastava & J. C. W. Lin (2023). IDS-INT: Matrix Factorization to Handle Rating Sparse Data for E-Commerce
Intrusion detection system using transformer-based transfer learning for Recommender System", Comput. Intell. Neurosci., Vol. 2021, No. 1,
imbalanced network traffic. Digital Communications and Networks. 2021, doi: https://doi.org/10.1155/2021/8751173 Research.
[11] O. H. Abdulganiyu, T. Ait Tchakoucht, & Y. K. Saheed. (2023). A [28] Q. Niyaz, W. Sun, A. Javaid, and M. Alam, "A deep learning approach
systematic literature review for network intrusion detection system (IDS). for network intrusion detection system", Eprints. Eudl. Eu, 2016, doi:
International Journal of Information Security, 1-38. 10.4108/eai.3-12-2015.2262516.
[12] S. Gurung, M. K. Ghose & A. Subedi. (2019). Deep learning approach on [29] G. Zhao, C. Zhang, and L. Zheng, "Intrusion detection using deep belief
network intrusion detection system using NSL-KDD dataset. network and probabilistic neural network", In: Proc. of International
International Journal of Computer Network and Information Security, Conference on Computational Science and Engineering (CSE) and
11(3), 8-14. International Conference on Embedded and Ubiquitous Computing
[13] M. Chowdhury & K. Nygard. (2018, March). Machine learning within a (EUC) 2017, pp. 639-642, doi: 10.1109/CSE-EUC.2017.119.
con resistant trust model. In The 33rd International Conference on [30] F. Qu, J. Zhang, Z. Shao, and S. Qi, "An intrusion detection model based
Computers and Their Applications (CATA 2018) (pp. 19-21). on deep belief network", In: Proc. of International Conference on
[14] B. A. Forouzan & D. Mukhopadhyay. (2011). Cryptography and network Network, Communication and Computing (ICNCC) 2017, pp. 97–101,
security (Sie). McGraw-Hill Education. Dec. 2017, doi: 10.1145/3171592.3171598.
[15] H. Zhang, "Design of intrusion detection system based on a new pattern [31] M. Z. Alom, V. Bontupalli, and T. M. Taha, "Intrusion detection using
matching algorithm", In: Proc. of 2009 Int. Conf. Comput. Eng. Technol. deep belief networks", In: Proc. of National Aerospace and Electronics
ICCET 2009, Vol. 1, pp. 545–548, 2009, doi: 10.1109/ICCET.2009.244. Conference (NAECON), 2015, pp. 333–344, doi:
10.1109/NAECON.2015.7443094.
[16] C. Yin, "An Improved BM Pattern Matching Algorithm in Intrusion
Detection System", Appl. Mech. Mater., Vol. 148–149, pp. 1145–1148, [32] M. Tavallaee, E. Bagheri, W. Lu & A. A. Ghorbani. (2009, July). A
2012, doi: 10.4028/WWW.SCIENTIFIC.NET/AMM.148-149.1145. detailed analysis of the KDD CUP 99 data set. In 2009 IEEE symposium
on computational intelligence for security and defense applications (pp.
[17] D. E. Denning, "An Intrusion-Detection Model", IEEE Trans. Softw.
1-6). IEEE.
Eng., Vol. 13, No. 2, pp. 222–232, 1987.
[33] N. Shone, T. N. Ngoc, V. D. Phai & Q. Shi. (2018). A deep learning
[18] M. Pervez and D. Farid, "Feature selection and intrusion classification in
approach to network intrusion detection. IEEE transactions on emerging
NSL-KDD cup 99 dataset employing SVMs", In: Proc. of the 8th
topics in computational intelligence, 2(1), 41-50.
International Conference on Software, Knowledge, Information

Authorized licensed use limited to: University of Johannesburg. Downloaded on August 17,2024 at 09:25:56 UTC from IEEE Xplore. Restrictions apply.

View publication stats