Learning to Detect: A Data-driven Approach for Network Intrusion Detection

by   Zachary Tauscher, et al.

With massive data being generated daily and the ever-increasing interconnectivity of the world's Internet infrastructures, a machine learning based intrusion detection system (IDS) has become a vital component to protect our economic and national security. In this paper, we perform a comprehensive study on NSL-KDD, a network traffic dataset, by visualizing patterns and employing different learning-based models to detect cyber attacks. Unlike previous shallow learning and deep learning models that use the single learning model approach for intrusion detection, we adopt a hierarchy strategy, in which the intrusion and normal behavior are classified firstly, and then the specific types of attacks are classified. We demonstrate the advantage of the unsupervised representation learning model in binary intrusion detection tasks. Besides, we alleviate the data imbalance problem with SVM-SMOTE oversampling technique in 4-class classification and further demonstrate the effectiveness and the drawback of the oversampling mechanism with a deep neural network as a base model.


page 3

page 5


Data Curation and Quality Assurance for Machine Learning-based Cyber Intrusion Detection

Intrusion detection is an essential task in the cyber threat environment...

Anomaly-Based Intrusion Detection by Machine Learning: A Case Study on Probing Attacks to an Institutional Network

Cyber attacks constitute a significant threat to organizations with impl...

SOME/IP Intrusion Detection using Deep Learning-based Sequential Models in Automotive Ethernet Networks

Intrusion Detection Systems are widely used to detect cyberattacks, espe...

CANet: An Unsupervised Intrusion Detection System for High Dimensional CAN Bus Data

We propose a novel neural network architecture for detecting intrusions ...

Network Intrusion Detection with Limited Labeled Data

With the increasing dependency of daily life over computer networks, the...

Network Activities Recognition and Analysis Based on Supervised Machine Learning Classification Methods Using J48 and Naïve Bayes Algorithm

Network activities recognition has always been a significant component o...

Please sign up or login with your details

Forgot password? Click here to reset