Network Anomaly Intrusion Detection Based on Deep Learning Approach

Yung Chung Wang, Yi Chun Houng, Han Xuan Chen, Shu Ming Tseng*

*此作品的通信作者

研究成果: 期刊稿件文章同行評審

28 引文 斯高帕斯(Scopus)

摘要

The prevalence of internet usage leads to diverse internet traffic, which may contain information about various types of internet attacks. In recent years, many researchers have applied deep learning technology to intrusion detection systems and obtained fairly strong recognition results. However, most experiments have used old datasets, so they could not reflect the latest attack information. In this paper, a current state of the CSE-CIC-IDS2018 dataset and standard evaluation metrics has been employed to evaluate the proposed mechanism. After preprocessing the dataset, six models—deep neural network (DNN), convolutional neural network (CNN), recurrent neural network (RNN), long short-term memory (LSTM), CNN + RNN and CNN + LSTM—were constructed to judge whether network traffic comprised a malicious attack. In addition, multi-classification experiments were conducted to sort traffic into benign traffic and six categories of malicious attacks: BruteForce, Denial-of-service (DoS), Web Attacks, Infiltration, Botnet, and Distributed denial-of-service (DDoS). Each model showed a high accuracy in various experiments, and their multi-class classification accuracy were above 98%. Compared with the intrusion detection system (IDS) of other papers, the proposed model effectively improves the detection performance. Moreover, the inference time for the combinations of CNN + RNN and CNN + LSTM is longer than that of the individual DNN, RNN and CNN. Therefore, the DNN, RNN and CNN are better than CNN + RNN and CNN + LSTM for considering the implementation of the algorithm in the IDS device.

原文英語
文章編號2171
期刊Sensors
23
發行號4
DOIs
出版狀態已出版 - 15 02 2023
對外發佈

文獻附註

Publisher Copyright:
© 2023 by the authors.

指紋

深入研究「Network Anomaly Intrusion Detection Based on Deep Learning Approach」主題。共同形成了獨特的指紋。

引用此