An Autonomous Intrusion Detection System Using Ensemble of Advanced Learners
An intrusion detection system (IDS) is a vital security component of modern computer networks. With networks finding their way into providing sensitive services, IDSs need to be more intelligent and autonomous. Aside from autonomy, another important attribute for an IDS is its ability to detect zero-day attacks. To address these issues, in this paper we propose an IDS which reduces the amount of manual interaction and expert knowledge needed and is able to yield acceptable performance under zero-day attacks. Our approach is to use three learning techniques in parallel: gated recurrent unit (GRU) and convolutional neural network as deep techniques, and Random Forest as an ensemble technique. These systems are trained in parallel and the results are combined under two logics, majority vote and "OR" logic. We use the NSL-KDD dataset to verify the proficiency of our proposed system. Simulation results show that the system has the potential to operate with very little technician interaction under zero-day attacks. We achieved 87.28 on NSL-KDD's "KDDTest+" dataset and 76.61 on "KDDTest-21" with lower training time and lower needed computational resources.
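The two combination logics named in the abstract can be compared on a small set of verdicts. The following is an added example, not code from the paper: the function names are hypothetical, and the labels and per-model predictions are constructed so that both logics reach the same accuracy while trading detection rate against false alarms.

```python
# Added example: fusing three detectors' binary verdicts (1 = attack, 0 = normal).
# Labels and per-model predictions are constructed, not NSL-KDD results.

def fuse(votes, logic):
    """Combine the per-model verdicts for one record."""
    if logic == "majority":
        return int(sum(votes) * 2 > len(votes))   # more than half flag it
    if logic == "or":
        return int(any(votes))                    # any single model flags it
    raise ValueError(f"unknown logic: {logic}")

def evaluate(y_true, y_pred):
    """Accuracy, detection rate (recall on attacks) and false-alarm rate."""
    pairs = list(zip(y_true, y_pred))
    tp = sum(t == 1 and p == 1 for t, p in pairs)
    tn = sum(t == 0 and p == 0 for t, p in pairs)
    fp = sum(t == 0 and p == 1 for t, p in pairs)
    fn = sum(t == 1 and p == 0 for t, p in pairs)
    return {
        "accuracy": (tp + tn) / len(pairs),
        "detection_rate": tp / (tp + fn) if tp + fn else 0.0,
        "false_alarm_rate": fp / (fp + tn) if fp + tn else 0.0,
    }

def compare(y_true, model_preds):
    """Evaluate both fusion logics over the same set of model outputs."""
    results = {}
    for logic in ("majority", "or"):
        fused = [fuse(v, logic) for v in zip(*model_preds.values())]
        results[logic] = evaluate(y_true, fused)
    return results

# Constructed sample: five attack records followed by five normal records.
Y_TRUE = [1, 1, 1, 1, 1, 0, 0, 0, 0, 0]
PREDS = {
    "gru": [1, 1, 0, 0, 0, 0, 0, 0, 1, 0],
    "cnn": [1, 0, 1, 0, 0, 0, 0, 0, 0, 0],
    "rf":  [1, 1, 0, 1, 0, 0, 0, 1, 0, 0],
}

if __name__ == "__main__":
    for logic, metrics in compare(Y_TRUE, PREDS).items():
        print(logic, metrics)
```

On this sample, "OR" catches attacks that only one model recognises, at the cost of passing through every individual model's false alarms, which is why accuracy alone does not separate the two logics.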