An Improved Deep Neuro-Fuzzy and Bi-Directional Gated Recurrent Unit Model for Distributed Denial of Service Attack Detection and Mitigation

Pallavi H. Chitte, Sangita S. Chaudhari
Decision Analytics Journal, Volume 16, Article 100608. Published 2025-07-11. DOI: 10.1016/j.dajour.2025.100608
https://www.sciencedirect.com/science/article/pii/S2772662225000645
Citations: 0

Abstract

An intrusion detection system (IDS) is integral to a robust cybersecurity infrastructure. This study presents a comprehensive and advanced methodology for monitoring and detecting unwanted or malicious activities in network-oriented environments. The proposed IDS consists of three crucial stages: pre-processing, feature extraction and detection. A refined data normalization process ensures a consistent and analyzable data format in the pre-processing stage. Feature extraction involves extracting various features, including statistical features, mutual information features, information gain and improved correlation. These features train the detection model to recognize patterns associated with malicious activity. A robust hybrid classifier for the detection phase is proposed, combining the Improved Deep Neuro-Fuzzy (IDNF) and Bi-Directional Gated Recurrent Unit (Bi-GRU) models. A novel hybrid optimization algorithm called the Archimedes Updated Poor and Rich algorithm (AUPRO) is introduced to optimize this model. By blending concepts from the Archimedes and Poor Rich algorithms, AUPRO achieves an optimal weight configuration, resulting in superior detection accuracy and reduced false positives. The proposed system incorporates an enhanced mitigation strategy that utilizes information gathered during the detection phase. Following the detection process, the system initiates a BAIT mitigation process to effectively prevent or minimize damage caused by attacks. A comprehensive comparison is conducted against state-of-the-art models to evaluate the performance of the proposed system. Metrics such as accuracy, sensitivity, specificity, false negative rate, false positive rate, precision and other relevant factors are considered in the performance study. The results demonstrate the superiority of the proposed system, showcasing its ability to provide a heightened level of security and accuracy in detecting and mitigating network attacks. Organizations can bolster their cybersecurity measures by implementing this advanced approach to intrusion detection systems and proactively safeguard their networks from potential threats and attacks.