Hybrid Approach for Improving Intrusion Detection Based on Deep Learning and Machine Learning Techniques

  • Merna GamalEmail author
  • Hala AbbasEmail author
  • Rowayda SadekEmail author
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 1153)


An intrusion detection system works to recognize the attacks using either the signature or signature-less method. The signature-less method suffers from a lot of false alarms that affect accuracy and recall. Commonly used IDS (intrusion detection system) Dataset experiences imbalance which causes a high false alarms rate. Nowadays CNN (convolution neural network) excels in image and computer vision. Using CNN in IDS is promising. The paper proposes a hybrid approach between CNN and ML (SVM, KNN). CNN is efficiently utilized to get important features from the dataset. Then ML used to classify the data. Using the hybrid approaches to benefit from the advantage of machine learning (high accuracy, Low false alarms) and Deep learning which deal with a large amount of data and reduce the number of feature of the dataset (feature extraction). In this paper we used 10% of KDDcup1999 dataset. The experimental results showed enhancement in the detection accuracy to 99.3 and reduction in losses to 0.03.


CNN (Convolution Neural Network) SVM (Support Vector Machine) KNN (K-Nearest Neighbor) ML (Machine learning) 


  1. 1.
    Milan, H.S., Singh, K.: Reducing false alarms in intrusion detection systems – a survey. Int. Res. J. Eng. Technol. (IRJET) 05(02), 9–12 (2018)Google Scholar
  2. 2.
    Abdullah, B., Abd-Alghafar, I., Salama, G.I., Abd-Alhafez, A.: Performance evaluation of a genetic algorithm based approach to network intrusion detection system. In: 13th International Conference on Aerospace Sciences and Aviation Technology (ASAT), 26–28 May 2009 (2009)Google Scholar
  3. 3.
    Ashoor, A.S., Gore, S.: Importance of intrusion detection system (IDS). Int. J. Sci. Eng. Res. 2(1), 1–4 (2011)Google Scholar
  4. 4.
    Modi, C.N., Acha, K.: Virtualization layer security challenges and intrusion detection/prevention systems in cloud computing: a comprehensive review. J. Supercomput. 73(3), 1–43 (2016)Google Scholar
  5. 5.
    Louridas, P., Ebert, C.: Machine learning. IEEE Softw. 33(5), 110–115 (2016)CrossRefGoogle Scholar
  6. 6.
    Jordan, M.I., Mitchell, T.M.: Machine learning: trends, perspectives, and prospects. Science 349(6245), 255–260 (2015)MathSciNetCrossRefGoogle Scholar
  7. 7.
    Lecun, Y., Bengio, Y., Hinton, G.: Deep learning. Nature 521(7553), 436–444 (2015)CrossRefGoogle Scholar
  8. 8.
    Xin, Y., Kong, L., Liu, Z.: Machine learning and deep learning methods for cyber security. IEEE Access 1–9 (2017)Google Scholar
  9. 9.
    Coelho, I.M., Coelho, V.N., Luz, E.J.D.: A GPU deep learning metaheuristic based model for time series forecasting. Elsevier 201(1), 412–418 (2017)Google Scholar
  10. 10.
    Deng, L., Yu, D.: Deep learning: methods and applications. Found Trends® Signal Process 7(3), 197–387 (2014)MathSciNetCrossRefGoogle Scholar
  11. 11.
    Vinayakumar, R., Soman, K.P.: Applying convolutional neural network for network intrusion detection. In: International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp. 1222–1228 (2017)Google Scholar
  12. 12.
    Kapoor, A.J., Fan, H.: Intelligent detection using convolutional neural network (ID-CNN). In: Earth and Environmental Science, pp. 1–10 (2019)Google Scholar
  13. 13.
    Liu, H., Lang, B.: Machine learning and deep learning methods for intrusion detection systems: a survey. In: Applied Sciences, PP. 1–28 (2019)Google Scholar
  14. 14.
    Patgiri, R., Akutota, T.: An investigation on intrusion detection system using machine learning. In: IEEE Symposium Series on Computational Intelligence SSCI, pp. 1684–1691 (2018)Google Scholar
  15. 15.
    Shon, T., Kim, Y., Lee, C., Moon, J.: A machine learning framework for network anomaly detection using SVM and GA. In: Proceedings of the IEEE, pp. 176–183 (2005)Google Scholar
  16. 16.
    Liao, Y., Vemuri, R.V.: Use of k-nearest neighbor classifier for intrusion detection. In: ICACCI, pp. 1–10 (2016)Google Scholar
  17. 17.
    Shirazi, H.M.: Anomaly intrusion detection using information theory, k-NN and KMC algorithms. Aust. J. Basic Appl. Sci. 3(3), 2581–2597 (2009)Google Scholar
  18. 18.
    Vishwakarma, S., Sharma, V., Tiwari, A.: An intrusion detection system using KNN-ACO algorithm. Int. J. Comput. Appl. 171(10), 13–23 (2017)Google Scholar
  19. 19.
    Dada, E.G.: A hybridized SVM-KNN-pdAPSO approach to intrusion detection system. Fac. Semin. Ser. 8, 1–8 (2017)Google Scholar
  20. 20.
    Tang, T.A., Mhamdi, L., McLernon, D., Zaidi, S.A.R., Ghogho, M.: Deep learning approach for network intrusion detection in software-defined networking. In: International Conference on Wireless Networks and Mobile Communications (WINCOM), pp. 1–6, October 2016Google Scholar
  21. 21.
    Kokila, R.T., Selvi, S.T., Govindarajan, K.: DDoS detection and analysis in SDN-based environment using support vector machine classifier. In: Sixth International Conference on Advanced Computing, pp. 205–210 (2015)Google Scholar
  22. 22.
    Chowdhury, M.M.U., Hammond, F., Konowicz, G.: A few-shot deep learning approach for improved intrusion detection. In: IEEE, pp. 456–462 (2017)Google Scholar
  23. 23.
    Liu, Y., Liu, S.: Intrusion detection algorithm based on convolutional neural network. In: International Conference on Engineering Technology and Application, pp. 9–13 (2017)Google Scholar
  24. 24.
    Meena, G., Choudhary, R.R.: A review paper on IDS classification using KDD 99 and NSL KDD dataset in WEKA. In: International Conference on Computer, Communications, and Electronics, pp. 553–558 (2017)Google Scholar
  25. 25.

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Department of Information TechnologyHelwan UniversityCairoEgypt
  2. 2.Department of Computer ScienceHelwan UniversityCairoEgypt

Personalised recommendations