Cybersecurity refers to the actions that are used by people and companies to protect themselves and their information from cyber threats. Different security methods have been proposed for detecting network abnormal behavior, but some effective attacks are still a major concern in the computer community. Many security gaps, like Denial of Service, spam, phishing, and other types of attacks, are reported daily, and the attack numbers are growing. Intrusion detection is a security protection method that is used to detect and report any abnormal traffic automatically that may affect network security, such as internal attacks, external attacks, and maloperations. This paper proposed an anomaly intrusion detection system method based on a new RNA encoding method and ResNet50 Model, where the encoding is done by splitting the training records into different groups. These groups are protocol, service, flag, and digit, and each group is represented by the number of RNA characters that can represent the group's values. The RNA encoding phase converts network traffic records into RNA sequences, allowing for a comprehensive representation of the dataset. The detection model, utilizing the ResNet architecture, effectively tackles training challenges and achieves high detection rates for different attack types. The KDD-Cup99 Dataset is used for both training and testing. The testing dataset includes new attacks that do not appear in the training dataset, which means the system can detect new attacks in the future. The efficiency of the suggested anomaly intrusion detection system is done by calculating the detection rate (DR), false alarm rate (FAR), and accuracy. The achieved DR, FAR, and accuracy are equal to 96.24%, 6.133%, and 95.99%. The experimental results exhibit that the RNA encoding method can improve intrusion detection.
Read full abstract