A network intrusion detection system based on convolutional neural network

Abstract

Intrusion detection systems (IDSs) play an important point in resisting hacker intrusion. With the rapid development of the network technology, network security has received more and more attention from researchers of different fields, and the traditional network security system based on the regular intrusion detection rules cannot meet the growing demand of changeable and timely intrusion prevention. Therefore, the development of efficient IDSs always is an open challenge. Firstly, a novel intrusion detection method based on the Convolutional Neural Network (CNN) is proposed in this paper. Secondly, based on the proposed method, an efficient, real-time and automated intrusion detection system named IDS-CNN is well designed. The system is built by several open source tools, such as the packet capture interface Tcpdump, the traffic analysis Bro and the machine learning interface Tensorflow. The system is composed of data preprocessing, neural network training, network testing and intrusion response based on Linux platform. Finally, through the simulation experiment with NSL-KDD data set and the actual network flow test, the experimental results indicate that the proposed IDS-CNN system can not only complete the intrusion detection for network data streams efficiently, but also its detection precision is better than the state-of-the-art method.