Intrusion Detection System (IDS) with anomaly-based detection and deep learning application
A neural network model was proposed with the use of supervised techniques that allows improvement in a Network Intrusion Detection System (NIDS) that allows optimal detection of any type of network layer and achieved a value close to 100% accuracy.
Abstract
At present, deep learning techniques are widely used for the design of anomaly detection systems as an evolution of machine learning and where one of the most relevant properties is the disablement of the feature extraction technique, where the The model automatically does it, improving the speed at the time of processing the data. On the other hand, deep learning offers intelligent solutions in detecting various types of anomalies for computer and communication systems, which has allowed modernizing intrusion detection systems to guarantee a higher level of data security. With the construction of the article, a neural network model was proposed with the use of supervised techniques that allows improvement in a Network Intrusion Detection System (NIDS) that allows optimal detection of any type of network layer. The results revealed that the proposed neural network model with three hidden layers using a “swish” activation function, achieved a value close to 100% accuracy, demonstrating the ability to identify very well normal and anomalous data at the network layer. The dataset is proprietary and was obtained using a free rule-based Intrusion Detection System (IDS)-Suricata, complementing the information in a synthetic Excel database. It is important to note that not all rule-based and supervised machine learning-based IDSs perform adequately, because they generate high positives, which is why research continues with new models to improve the performance metrics.