A novel context-aware feature extraction method for convolutional neural network-based intrusion detection systems

Abstract

To create a safe and secure cyberspace, many researchers have created and proposed Intrusion Detection Systems (IDSs). Different types of IDSs are either designed to address only a single kind of intrusion or multiple variants. In this paper, we proposed a new context-aware feature extraction method as a pre-processing step for Convolutional Neural Network (CNN)-based multiclass intrusion detection. Feature selection is also used to reduce the feature space and classification time. For attack-type classification, we used CNN which is generally well-known for its better classification ability on image recognition tasks. We have exploited this ability to develop an IDS that can identify different types of intrusions ranging from 4 to 12 types. In our study, we evaluated our proposed Context-aware Feature Extraction-based CNN IDS on different datasets with multiple classes where it was able to successfully improve classification accuracy compared to the models with no preprocessing steps and other existing methods. We carried out the performance evaluation and comparison using four different datasets, NSL-KDD, CICIDS2017, ADFA-LD, and ADFA-WD. These datasets have either host-based or network-based features, which is another area that we investigated in this paper.