Recurrent Neural Network Based Intrusion Detection System

Abstract

An increase in connectivity through the internet and increased freedom of data access has led to numerous attempts to attack network servers. These attacks have become sophisticated over time and hence difficult to detect using the existing Intrusion Detection Systems. Existing research in the field of IDS has not been able to categorize DDoS attacks with a fair degree of accuracy till date. It has been extremely difficult to strike the balance between accuracy and prediction time. This paper aims at using a LSTM based Machine Learning model to detect anomalies in the network traffic and redirecting all malicious requests to a honeypot based black hole server. This algorithm was trained and tested on the CICIDS2017 data set consisting of numerous attacks such as Patator based attacks, Web based Brute Force, DoS sloworis, DoS slowhttptest, DoS Hulk, DoS GoldenEye, DDoS LOIT and some other categorical attacks. The results exhibit a high degree of accuracy in detection of these attacks, and the model is suitable for use in existing distributed servers.