Comparison of CNN and DNN Performance on Intrusion Detection System

Abstract

Intrusion Detection Systems (IDS) are being used to automatically identify and categorize intrusions or cyberattacks on network infrastructure and hosts in a timely manner. IDS can be divided into three groups based on the way it detects abnormalities: anomaly-based, signature-based, and hybrid IDS. Generally, a signature-based method works best against recognized cyberattacks, while an anomaly-based method works best against unrecognized or unprecedented cyberattacks. The anomaly-based detection system has a weakness because it has the potential to generate a high false-positive rate. Machine learning approaches are being used to construct models for detecting intrusion in the majority of anomaly-based IDS research conducted with artificial intelligence. However, because deep learning is projected to deliver higher performance and can handle feature selection automatically, deep learning techniques are continuing to be widely utilized for intrusion detection systems, in line with the expanding usage of deep learning in different domains. The performances of two deep learning techniques in IDS, namely Convolutional Neural Network and Deep Neural Network, are compared in this article. Precision, accuracy, and true positive rate/recall are the metrics used to evaluate performance. The dataset utilized in this investigation was the KDD Cup 99.