308 Int. J. Data Mining, Modelling and Management, Vol. 12, No. 3, 2020 Copyright © 2020 Inderscience Enterprises Ltd. Weighted LSTM for intrusion detection and data mining to prevent attacks Meryem Amar* and Bouabid El Ouahidi I.P.S.S., Mohammed V University, Rabat, Morocco Email: amar.meryem@gmail.com Email: bouabid.ouahidi@gmail.com *Corresponding author Abstract: The usage of cloud opportunities brings not only resources and storage availability, but puts also customer’s privacy at stake. These services are carried out through web that generate log files. These files contain valuable information in tracking malicious behaviours. However, they are variant, voluminous and have high velocity. This paper structures input log files using data preparation treatment (DPT), anticipates missing features, and performs a weighted conversion to ease the discrimination of malicious activities. Regarding the robustness of deep learning in analysing high dimension databases, selecting dynamically features and detecting intrusions, our architecture avails its strength and proposes a weighted long short-term memory (WLSTM) deep learning algorithm. WLSTM mine network traffic predictors considering past events, and minimizes the vanishing gradient. Results prove its effectiveness; it achieves 98% of accuracy and reduces false alarm rates to 1.47%. For contextual malicious behaviours, the accuracy attained 97% and the loss was 22%. Keywords: cloud security breaches; intrusion-detection; weight of evidence; WoE; deep learning; long short-term memory; LSTM. Reference to this paper should be made as follows: Amar, M. and El Ouahidi, B. (2020) ‘Weighted LSTM for intrusion detection and data mining to prevent attacks’, Int. J. Data Mining, Modelling and Management, Vol. 12, No. 3, pp.308–329. Biographical notes: Meryem Amar is a business intelligence analyst and developer in data preparation (ETL) and reporting fields. She is interested in the subject of artificial intelligence and curious to find new approaches in detecting intrusions, attacks and malicious behaviours based on predictive models in cloud architecture. She is also a PhD student at the Mohammed V University in Intelligent Processing and Security of Systems (IPSS) Laboratory who made recent publications: Springer book LNCS (Advanced hybrid technique in detecting cloud web application’s attacks, 2019), Procedia Computer Science (A novel approach in detecting intrusions using NSLKDD database and MapReduce programming, 2017), other publications were made on the field of text mining to detect spams (Towards a new spam filter PV-DM – paragraph vector distributed memory approach). Bouabid El Ouahidi is teacher research in University Mohammed V, Rabat since 1993 on the field of cybersecurity. He received his PhD from the R&D of France Telecom and the University of Caen. He obtained another degree of Doctorate State Sciences in Networks and Distributed Systems from