Deep Q-Learning based Reinforcement Learning Approach for Network Intrusion Detection

by   Hooman Alavizadeh, et al.

The rise of the new generation of cyber threats demands more sophisticated and intelligent cyber defense solutions equipped with autonomous agents capable of learning to make decisions without the knowledge of human experts. Several reinforcement learning methods (e.g., Markov) for automated network intrusion tasks have been proposed in recent years. In this paper, we introduce a new generation of network intrusion detection methods that combines a Q-learning-based reinforcement learning with a deep-feed forward neural network method for network intrusion detection. Our proposed Deep Q-Learning (DQL) model provides an ongoing auto-learning capability for a network environment that can detect different types of network intrusions using an automated trial-error approach and continuously enhance its detection capabilities. We provide the details of fine-tuning different hyperparameters involved in the DQL model for more effective self-learning. According to our extensive experimental results based on the NSL-KDD dataset, we confirm that the lower discount factor which is set as 0.001 under 250 episodes of training yields the best performance results. Our experimental results also show that our proposed DQL is highly effective in detecting different intrusion classes and outperforms other similar machine learning approaches.


page 2

page 3

page 4

page 7

page 8

page 10

page 11

page 12


Data Curation and Quality Assurance for Machine Learning-based Cyber Intrusion Detection

Intrusion detection is an essential task in the cyber threat environment...

Explaining Network Intrusion Detection System Using Explainable AI Framework

Cybersecurity is a domain where the data distribution is constantly chan...

Dependable Intrusion Detection System for IoT: A Deep Transfer Learning-based Approach

Security concerns for IoT applications have been alarming because of the...

Deep Learning-Based Intrusion Detection System for Advanced Metering Infrastructure

Smart grid is an alternative solution of the conventional power grid whi...

Graph-based Solutions with Residuals for Intrusion Detection: the Modified E-GraphSAGE and E-ResGAT Algorithms

The high volume of increasingly sophisticated cyber threats is drawing g...

DualNet: Locate Then Detect Effective Payload with Deep Attention Network

Network intrusion detection (NID) is an essential defense strategy that ...

Deep Down the Rabbit Hole: On References in Networks of Decoy Elements

Deception technology has proven to be a sound approach against threats t...