Anomaly intrusion detection using deep learning

Abstract

As computer networks grow due to massive usage, also network attackers are exploring sophisticated ways to exploit the networks hence causing huge damages and loses. Efforts to eradicate network intrusions are always in gear and lately deep learning methods have been used for intrusion detection. However, there still exists a challenge of inadequate real live network based datasets to train deep learning model as most existing datasets are snapshots of real live network environments and others are not publicly available due to privacy rights. Therefore, this study proposed an LSTM model trained and tested with the new dataset that has been developed on a real live network that contains both normal and attack traffic. The LSTM model achieved a training accuracy of 99.92% and a testing accuracy of 99.96%. The proposed model has been validated using Simple RNN model and the hybrid model where both of them performed well which is a clear indicator that deep learning is the ideal method for modelling an intrusion classification model. One existing real network-based dataset has been used for performance evaluation of the three deep learning-based models in this study. The study has two major contributions; A labelled network traffic dataset used for classification of network intrusion threat and hybrid deep learning model composed of LSTM and simple RNN for the classification of intrusion detection threats.