The rapid digitalization of the world has led to various attacks on computer systems and networks, so network security is an extremely important and relevant component of information security today. Creating effective cybersecurity tools and mechanisms is becoming increasingly difficult as the number of different devices and services grows. Identification of malicious traffic using deep learning methods has become a key component of intrusion detection systems (IDS). This article compares two deep learning models (recurrent neural network and convolutional neural network) for detecting anomalies in networks. Both neural networks were found to be useful in a wide range of applications. It has been shown that convolutional neural networks are best at detecting network anomalies in synergy with layers of long short-term memory. The development of deep learning technologies, including the considered neural network algorithms, is a promising direction in promoting the development of cybersecurity of information systems. These technologies are unique because they are at the initial stage of creation. The aforementioned technologies are currently not widespread in intrusion detection and network anomaly detection systems due to their novelty, so they require more thorough research. Conventional machine learning algorithms will eventually become insufficient, as they do not have such a good learning capability as deep learning neural networks do. The article provides a detailed analysis of the capabilities of recurrent and convolutional neural networks along with long short-term memory layers, which may be useful for use in further research.
Read full abstract