In this paper, we present a comparative evaluation of deep learning approaches to network intrusion detection. A Network Intrusion Detection System (NIDS) is a critical component of every Internet connected system due to likely attacks from both external and internal sources. A NIDS is used to detect network born attacks such as Denial of Service (DoS) attacks, malware replication, and intruders that are operating within the system. Multiple deep learning approaches have been proposed for intrusion detection systems. We evaluate three models, a vanilla deep neural net (DNN), self-taught learning (STL) approach, and Recurrent Neural Network (RNN) based Long Short Term Memory (LSTM) on their accuracy and precision. Their performance is evaluated using the network intrusion dataset provided by Knowledge Discovery in Databases (KDD). This dataset was used for the third international Knowledge Discovery and Data Mining Tools competition held in conjunction with KDD Cup 1999. The results were then compared to a baseline shallow algorithm that uses multinomial logistic regression to evaluate if deep learning models perform better on this dataset.
Lee, Brian; Amaresh, Sandhya; Green, Clifford; and Engels, Daniel
"Comparative Study of Deep Learning Models for Network Intrusion Detection,"
SMU Data Science Review: Vol. 1:
1, Article 8.
Available at: https://scholar.smu.edu/datasciencereview/vol1/iss1/8
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial 4.0 License
Artificial Intelligence and Robotics Commons, Digital Communications and Networking Commons, Information Security Commons, Other Computer Engineering Commons, Other Computer Sciences Commons, Programming Languages and Compilers Commons