Intrusion Detection and Classification with Autoencoded Deep Neural Network

  • Shahadate RezvyEmail author
  • Miltos Petridis
  • Aboubaker Lasebae
  • Tahmina Zebin
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11359)


A Network Intrusion Detection System is a critical component of every internet connected system due to likely attacks from both external and internal sources. A NIDS is used to detect network born attacks such as denial of service attacks, malware, and intruders that are operating within the system. Neural networks have become an increasingly popular solution for network intrusion detection. Their capability of learning complex patterns and behaviors make them a suitable solution for differentiating between normal traffic and network attacks. In this paper, we have applied a deep autoencoded dense neural network algorithm for detecting intrusion or attacks in network connection and evaluated the algorithm with the benchmark NSL-KDD dataset. Our results showed an excellent performance with an overall detection accuracy of 99.3% for Probe, Remote to Local, Denial of Service and User to Root type of attacks. We also presented a comparison with recent approaches used in literature which showed a substantial improvement in terms of accuracy and speed of detection with the proposed algorithm.


Deep learning Secure computing Intrusion detection system Autoencoder Dense neural network 


  1. 1.
    Shone, N., Ngoc, T.N., Phai, V.D., et al.: A deep learning approach to network intrusion detection. IEEE Trans. Emerg. Top. Comput. Intell. 2(1), 41–50 (2018)CrossRefGoogle Scholar
  2. 2.
    Lee, B., Amaresh, S., Green, C., et al.: Comparative study of deep learning models for network intrusion detection. SMU Data Sci. Rev. 1(1), Article 8 (2018)Google Scholar
  3. 3.
  4. 4.
    Liu, H., Lang, B., Liu, M., et al.: CNN and RNN based payload classification methods for attack detection. Knowl.-Based Syst. (2018)Google Scholar
  5. 5.
    McHugh, J.: Testing intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory. ACM Trans. Inf. Syst. Secur. 3(4), 262–294 (2000)CrossRefGoogle Scholar
  6. 6.
    Mirsky, Y., Doitshman, T., Elovici, Y., et al.: Kitsune: an ensemble of autoencoders for online network intrusion detection. CoRR, vol. 1802.09089 (2018)Google Scholar
  7. 7.
    Salama, M.A., Eid, H.F., Ramadan, R.A., Darwish, A., Hassanien, A.E.: Hybrid intelligent intrusion detection scheme. In: Gaspar-Cunha, A., Takahashi, R., Schaefer, G., Costa, L. (eds.) Soft Computing in Industrial Applications. Advances in Intelligent and Soft Computing, vol. 96, pp. 293–303. Springer, Heidelberg (2011). Scholar
  8. 8.
    Naoum, R.S., Abid, N.A., Al-Sultani, Z.N.: An enhanced resilient backpropagation artificial neural network for intrusion detection system. Int. J. Comput. Sci. Netw. Secur. 12, 11 (2012)Google Scholar
  9. 9.
    Pandeeswari, N., Kumar, G.: Anomaly detection system in cloud environment using fuzzy clustering based ANN. Mob. Netw. Appl. 21(3), 494–505 (2016)CrossRefGoogle Scholar
  10. 10.
    Gao, N., Gao, L., Gao, Q., et al.: An intrusion detection model based on deep belief networks. In: 2014 Second International Conference on Advanced Cloud and Big Data, pp. 247–252, November 2014Google Scholar
  11. 11.
    Kaynar, O., Yüksek, A.G., Görmez, Y., et al.: Intrusion detection with autoencoder based deep learning machine. In: 25th Signal Processing and Communications Applications Conference (SIU), pp. 1–4, May 2017Google Scholar
  12. 12.
    Li, Y., Ma, R., Jiao, R.: A hybrid malicious code detection method based on deep learning (2015)CrossRefGoogle Scholar
  13. 13.
    Potluri, S., Diedrich, C.: Accelerated deep neural networks for enhanced intrusion detection system. In: 2016 IEEE 21st International Conference on Emerging Technologies and Factory Automation (ETFA), pp. 1–8, September 2016Google Scholar
  14. 14.
    Li, Z., Qin, Z., Huang, K., Yang, X., Ye, S.: Intrusion detection using convolutional neural networks for representation learning. In: Liu, D., Xie, S., Li, Y., Zhao, D., El-Alfy, E.S. (eds.) ICONIP 2017. LNCS, vol. 10638, pp. 858–866. Springer, Cham (2017). Scholar
  15. 15.
    Vinayakumar, R., Soman, K.P., Poornachandran, P.: Applying convolutional neural network for network intrusion detection. In: 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp. 1222–1228, September 2017Google Scholar
  16. 16.
    Farahnakian, F., Heikkonen, J.: A deep auto-encoder based approach for intrusion detection system. In: 2018 18th International Conference on Advanced Communication Technology, pp. 1–6, February 2018Google Scholar
  17. 17.
    Dhanabal, L., Shantharajah, S.: A study on NSL-KDD dataset for intrusion detection system based on classification algorithms. Int. J. Adv. Res. Comput. Commun. Eng. 4(6), 446–452 (2015)Google Scholar
  18. 18.
    Tavallaee, M., Bagheri, E., Lu, W., et al.: A detailed analysis of the KDD CUP 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–6, July 2009Google Scholar
  19. 19.
    Chollet, F.: Keras: the python deep learning library (2013).
  20. 20.
    Sokolova, M., Lapalme, G.: A systematic analysis of performance measures for classification tasks. Inf. Process. Manage. 45(4), 427–437 (2009)CrossRefGoogle Scholar
  21. 21.
    Javaid, A., Niyaz, Q., Sun, W., et al.: A deep learning approach for network intrusion detection system. In: Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies (Formerly BIONETICS), BICT 2015, New York City, United States, pp. 21–26. ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering) (2016)Google Scholar
  22. 22.
    Abawajy, J., Huda, S., Sharmeen, S., et al.: Identifying cyber threats to mobile-IoT applications in edge computing paradigm. Future Gener. Comput. Syst. 89, 525–538 (2018)CrossRefGoogle Scholar
  23. 23.
    Tensorflow lite: A new mobile-specific library (2017).
  24. 24.
    Awid dataset - wireless security datasets project (2014).
  25. 25.
    Moustafa, N., Slay, J.: UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: 2015 Military Communications and Information Systems Conference (MilCIS), pp. 1–6, November 2015Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Middlesex UniversityLondonUK
  2. 2.University of ManchesterManchesterUK

Personalised recommendations