Volume 9 - Issue 4
Towards Detecting and Classifying Network Intrusion Traffic Using Deep Learning Frameworks
- Ram B. Basnet
Colorado Mesa University, Grand Junction, CO 81501 USA
rbasnet@coloradomesa.edu
- Riad Shash
Colorado Mesa University, Grand Junction, CO 81501 USA
rshash@mavs.coloradomesa.edu
- Clayton Johnson
Colorado Mesa University, Grand Junction, CO 81501 USA
cpjohnson@mavs.coloradomesa.edu
- Lucas Walgren
Colorado Mesa University, Grand Junction, CO 81501 USA
lawalgren@mavs.coloradomesa.edu
- Tenzin Doleck
McGill University, Quebec, CA
tenzin.doleck@mail.mcgill.ca
Keywords: Intrusion Detection, Deep Learning, Network Security, Web Security, Brute Force, Machine Learning, IDS
Abstract
Recent breakthroughs in deep learning algorithms have enabled researchers and practitioners to make
significant progress in various hard computer science problems and applications from computer vision
and perception, natural language processing and interpretation to complex reasoning tasks such
as playing board games (e.g., Go, Chess, etc.) and even overthrowing human champions. Considering
the expected acceleration and increase in computer threats, in this article, we explore the utility
and capability of deep learning algorithms in the important area of network intrusion detection.
We apply and compare various state-of-the-art deep learning frameworks (e.g., Keras, TensorFlow,
Theano, fast.ai, and PyTorch) in detecting network intrusion traffic and also in classifying common
network attack types using the recent CSE-CIC-IDS2018 dataset. Experimental results show that
fast.ai, a highly opinionated wrapper for PyTorch, provided the highest accuracy of about 99% with
low false positive and negative rates in both detecting and classifying various intrusion types. Our
results provide evidence of the utility of various deep learning frameworks detecting network intrusion
traffic.