Anomaly- Intrusion Detection Systems based on CSE-CIC-IDS2018 Dataset using Deep Learning Model

Abstract

An Intrusion Detection System (IDS) is a rapidly growing field that deals with detecting and responding to malicious network traffic and computer misuse. Artificial Intelligence (AI) plays a significant role in IDSs by providing an effective way to adapt and construct these systems. This thesis proposes an intelligent and efficient network intrusion detection system based on deep learning for attack detection and classification. The model is trained and tested using the realistic cyber defense dataset (CSE-CIC-IDS2018), which required several pre-processing tasks such as eliminating duplicate observations, clearing missing values, converting categorical data to numerical data, and performing feature scaling. Two approaches are proposed: the first maintains all attacks present in the dataset, along with the normal traffic. However, after analyzing the results, it was discovered that certain attacks were susceptible to misdetection. As a result, in the second approach, these misdetection-prone attacks were removed, which led to a significant improvement in accuracy, precision, recall, and F1-score. L2 regularization was implemented to avoid overfitting. The proposed deep learning model achieved impressive results, with an accuracy score of 99.97%, a precision score of 99.66%, a recall of 99.96%, and an F1-score of 99.81%. The findings demonstrate the effectiveness of deep learning in intrusion detection and emphasize the significance of meticulous data analysis and pre-processing.