A Method For Network Intrusion Detection Using Deep Learning

Abstract

In an increasingly digitally reliant world, organizations are facing the ever more challenging problem of how to best defend their digital information and infrastructure. Current non-machine learning methods for detecting network intrusion, like signature-based and anomaly-based algorithms, are slow and unreliable. Signature based detection holds signatures, or known information and warning signs, about a known attack and compares them to the current flow of data. If a signature matches with the network activity, users and network administrators are notified. Anomaly based detection is where the system monitors current network traffic and compares it to a set baseline traffic. Again, if any unusual traffic occurs, members of the network are notified. In this research, new advancements in deep learning algorithms are used to bolster the defenses of digital networks. Neural networks are used to create a multi-class classifier, which will determine whether the network activity is a certain type of malicious attack or benign. We will use the CICIDS2017 dataset (Canadian Institute of Cybersecurity), which is a state-of-the-art network intrusion dataset composed of computer network activity, including multiple types of attacks such as DDoS, SQL Injection, and Brute Force. This research proposes a more precise network intrusion detection system (NIDS) to accurately detect malicious network activity. Better NIDSs will also prevent cybercrime and create a safer internet for all users.