A Neural Network based NIDS framework for intrusion detection in contemporary network traffic

Abstract

Most of the anomaly based Network Intrusion Detection Systems (NIDSs) proposed in the literature have been evaluated on the legacy NSL-KDD dataset. The NSL-KDD dataset do not truely represent the complex data patterns and low footprint stealth attacks of the contemporary network traffic. Therefore, NIDS frameworks trained on NSL-KDD dataset are not well suited for anomaly detection in modern day network traffic. To address this issue, we have used the contemporary UNSW-NB15 dataset to train a Neural Network based NIDS framework for real time anomaly detection in modern day network traffic. The proposed NIDS framework uses convex Logistic Regression cost functions along with stochastic gradient descent and simulated annealing to fine tune various hyperparameters of the Neural Network based NIDS classifier. Experimental results on the contemporary UNSW-NB15 dataset show that the proposed NIDS framework achieves high detection rate against wide range of modern day network attacks, while maintaining a relatively low false alarm rate.