Paper Info
Title
Deep learning methods in network intrusion detection: A survey and an objective comparison
Abstract
The use of deep learning models for the network intrusion detection task has been an active area of research in cybersecurity. Although several excellent surveys cover the growing body of research on this topic, the literature lacks an objective comparison of the different deep learning models within a controlled environment, especially on recent intrusion detection datasets. In this paper, we first introduce a taxonomy of deep learning models in intrusion detection and summarize the research papers on this topic. Then we train and evaluate four key deep learning models - feed-forward neural network, autoencoder, deep belief network and long short-term memory network - for the intrusion classification task on two legacy datasets (KDD 99, NSL-KDD) and two modern datasets (CIC-IDS2017, CIC-IDS2018). Our results suggest that deep feed-forward neural networks yield desirable evaluation metrics on all four datasets in terms of accuracy, F1-score and training and inference time. The results also indicate that two popular semi-supervised learning models, autoencoders and deep belief networks do not perform better than supervised feed-forward neural networks. The implementation and the complete set of results have been released for future use by the research community. Finally, we discuss the issues in the research literature that were revealed in the survey and suggest several potential future directions for research in machine learning methods for intrusion detection.
Year
DOI
Venue
2020
10.1016/j.jnca.2020.102767
Journal of Network and Computer Applications
Keywords
DocType
Volume
Network intrusion detection,Deep learning,Deep neural networks,Survey
Journal
169
ISSN
Citations 
PageRank 
1084-8045
4
0.40
References 
Authors
0
2
Name
Order
Citations
PageRank
Sunanda Gamage140.40
Jagath Samarabandu213320.50