Abstract—This paper presents a new approach to improve the detection of network security by combining feature selection with Long-Short-Term-Memory (LSTM) approaches. The SHapley Additive exPlanations (SHAP) values approach is utilized for feature selection, in conjunction with cross-validation, to identify the most effective set of features that improve model recall for each specific sort of assault. We employ the Network Security Laboratory-Knowledge Discovery in Databases (NSL-KDD) dataset to train and assess the efficacy of our model. The suggested model exhibits greater performance in comparison to standard LSTM models when utilizing all features. Furthermore, it surpasses current leading models with an accuracy of 99.74%, precision of 95.42%, recall of 94.92%, and F1-Score of 94.90%. In addition, the model demonstrates outstanding aptitude in precisely detecting Remote-to-Local (R2L) and User-to-Root (U2R) attacks, which are complex forms of intrusions that exploit vulnerabilities to gain unauthorized access to systems or networks. Although infrequent, these assaults provide a substantial risk because they have the ability to do substantial harm and compromise confidential data.
 
Keywords—intrusion detection systems, deep learning, SHapley Additive exPlanations (SHAP) values, Long-Short-Term-Memory (LSTM), feature selection


Copyright © 2024 by the authors. This is an open access article distributed under the Creative Commons Attribution License (CC BY-NC-ND 4.0), which permits use, distribution and reproduction in any medium, provided that the article is properly cited, the use is non-commercial and no modifications or adaptations are made.