Anomaly Network-based Intrusion Detection Model Based on Hybrid CNN-LSTM and Attention Mechanism
DOI:
https://doi.org/10.11113/ijic.v15n1.524Keywords:
Anomaly-Based Intrusion Detection Model (ANIDM) Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM), Attention Mechanism, NF-UNSW-NB15-v2Abstract
With the growing frequency of network attacks, traditional anomaly-based intrusion detection models often fail to identify advanced attack patterns and suffer from high false positive rates. This paper proposes a hybrid deep learning model integrating Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM), and an Attention Mechanism to enhance detection accuracy and robustness. Leveraging CNNs for spatial feature extraction, LSTMs for temporal pattern recognition, and Attention Mechanisms for prioritizing critical data, the model effectively identifies diverse intrusion types. Using the NF-UNSW-NB15-v2 dataset, this research incorporates advanced preprocessing techniques such as Recursive Feature Elimination with Cross-Validation (RFECV) and Synthetic Minority Oversampling Technique (SMOTE). Experimental results demonstrate improved performance across key metrics, offering a robust framework for real-time intrusion detection in complex network environments.
