Author/Authors :
Alkahtani, Hasan College of Computer Science and Information Technology - King Faisal University, Al-Ahsa, Saudi Arabia , Aldhyani Theyazn H. H. College of Computer Science and Information Technology - King Faisal University, Al-Ahsa, Saudi Arabia , Al-Yaari, Mohammed College of Computer Science and Information Technology - King Faisal University, Al-Ahsa, Saudi Arabia
Abstract :
Telecommunication has registered strong and rapid growth in the past decade. Accordingly, the monitoring of computers andnetworks is too complicated for network administrators. Hence, network security represents one of the biggest seriouschallenges that can be faced by network security communities. Taking into consideration the fact that e-banking, e-commerce,and business data will be shared on the computer network, these data may face a threat from intrusion. The purpose of thisresearch is to propose a methodology that will lead to a high level and sustainable protection against cyberattacks. In particular,an adaptive anomaly detection framework model was developed using deep and machine learning algorithms to manageautomatically-configured application-levelfirewalls. The standard network datasets were used to evaluate the proposed modelwhich is designed for improving the cybersecurity system. The deep learning based on Long-Short Term Memory RecurrentNeural Network (LSTM-RNN) and machine learning algorithms namely Support Vector Machine (SVM), K-Nearest Neighbor(K-NN) algorithms were implemented to classify the Denial-of-Service attack (DoS) and Distributed Denial-of-Service (DDoS)attacks. The information gain method was applied to select the relevant features from the network dataset. These network features were significant to improve the classification algorithm. The system was used to classify DoS and DDoS attacks in fourstand datasets namely KDD cup 199, NSL-KDD, ISCX, and ICI-ID2017. The empirical results indicate that the deep learning based on the LSTM-RNN algorithm has obtained the highest accuracy. The proposed system based on the LSTM-RNNalgorithm produced the highest testing accuracy rate of 99.51% and 99.91% with respect to KDD Cup’99, NSL-KDD, ISCX, andICI-Id2017 datasets, respectively. A comparative result analysis between the machine learning algorithms, namely SVM and KNN,and the deep learning algorithms based on the LSTM-RNN model is presented. Finally, it is concluded that the LSTM-RNN modelis efficient and effective to improve the cybersecurity system for detecting anomaly-based cybersecurity
