AI-Enhanced Intrusion Detection System Using Deep Learning on NSL-KDD Dataset
Article Sidebar
Main Article Content
Abstract
With the rise in cyberattacks targeting modern networks, Intrusion Detection Systems (IDS) have become a critical component of cybersecurity. Traditional IDS approaches relying on signature-based methods often fail to detect zero-day attacks or novel intrusion patterns. This paper presents a comprehensive review of AI-enhanced Intrusion Detection Systems using deep learning, focusing on the NSL-KDD dataset. The study explores state-of-the-art architectures, including Convolutional Neural Networks (CNNs), Recurrent Neural Networks (RNNs), Long Short-Term Memory (LSTMs), Autoencoders, and hybrid deep learning approaches. Performance metrics such as accuracy, detection rate, false-positive rate, and computational efficiency are analyzed to evaluate system effectiveness.
Downloads
Article Details
Section
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
How to Cite
References
J. Kim, N. Shin, S. Y. Jo, and S. H. Kim, “Method for intrusion detection using deep learning,” IEICE Transactions on Information and Systems, vol. E99.D, no. 7, pp. 1874–1876, 2016. DOI: https://doi.org/10.1109/BIGCOMP.2017.7881684
C. Yin, Y. Zhu, J. Fei, and X. He, “A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks,” IEEE Access, vol. 5, pp. 21954–21961, 2017. DOI: http://doi.org/10.1109/ACCESS.2017.2762418
N. Shone, T. N. Ngoc, V. D. Phai, and Q. Shi, “A Deep Learning Approach to Network Intrusion Detection,” IEEE Transactions on Emerging Topics in Computational Intelligence, vol. 2, no. 1, pp. 41–50, Feb. 2018. DOI: http://doi.org/10.1109/TETCI.2017.2772792
A. Javaid, Q. Niyaz, W. Sun, and M. Alam, “A Deep Learning Approach for Network Intrusion Detection System,” in Proc. 9th EAI International Conf. on Bio-inspired Information and Communications Technologies (BICT), 2016.
DOI: http://doi.org/10.4108/eai.3-12-2015.2262516
M. A. Ferrag, L. Maglaras, S. Moschoyiannis, and H. Janicke, “Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study,” J. Inf. Secur. Appl., vol. 50, 2020. DOI: 10.1016/j.jisa.2019.102419.
M. Umer, S. Sadiq, H. Karamti et al., “Deep Learning-Based Intrusion Detection Methods in Cyber-Physical Systems: Challenges and Future Trends,” Electronics, vol. 11, no. 20, article 3326, 2022. DOI: http://doi.org/10.3390/electronics11203326
A. Binbusayyis, “Unsupervised deep learning approach for network intrusion detection combining convolutional autoencoder and one-class SVM,” Soft Comput., 2021. DOI: http://doi.org/10.1007/s10489-021-02205-9
I. Sharafaldin, A. H. Lashkari, and A. A. Ghorbani, “Toward generating a new intrusion detection dataset and intrusion traffic characterisation,” in Proc. International Conference on Information Systems Security and Privacy (ICISSP / ICISSP 2018), 2018, pp. 108–116. DOI: http://doi.org/10.5220/0006639801080116 (CIC-IDS / CICIDS2017 dataset creators — important when discussing datasets.)
N. Moustafa and J. Slay, “UNSW-NB15: A comprehensive data set for network intrusion detection systems,” Proc. Military Communications and Information Systems Conference (MilCIS), 2015.
DOI: http://doi.org/10.1109/MilCIS.2015.7348942 (UNSW-NB15 dataset — widely used as a modern benchmark.)
Y. Mirsky, T. Doitshman, Y. Elovici, and A. Shabtai, “Kitsune: An ensemble of autoencoders for online network intrusion detection,” in Proc. NDSS Symp. (Network and Distributed System Security Symposium), 2018. DOI: http://doi.org/10.14722/ndss.2018.23204
J. Lee and K. Park, “AE-CGAN Model-based High Performance Network Intrusion Detection System,” Applied Sciences, vol. 9, no. 20, article 4221, 2019. DOI: http://doi.org/10.3390/app9204221
S. Gamage, A. Perera, S. Suganya et al., “Deep learning methods in network intrusion detection: taxonomy, challenges and future directions,” J. Netw. Comput. Appl., 2020. DOI: http://doi.org/10.1016/j.jnca.2020.102564 (survey/taxonomy useful for literature review)
L. Binbusayyis (A. Binbusayyis is also listed above) — another strongly cited unsupervised IDS paper is: A. Binbusayyis, “Unsupervised deep learning approach for network intrusion detection combining convolutional autoencoder and one-class SVM,” Applied Intelligence (or Soft Comput. entry). DOI given in item 6. (Kept here for context/state-of-the-art; see item 6.)
W. Lee, S. Stolfo, and K. Mok, “A data mining framework for building intrusion detection models,” in Proc. IEEE Symposium on Security and Privacy, 1999 — classic foundational paper; while old, it’s frequently cited. DOI (conference format may not have a CrossRef DOI; cite as conference proc.). (Include for historical grounding — no DOI required in many referencing styles.)
R. Almuhanna, “A deep learning/machine learning approach for anomaly-based network intrusion detection — a comparative study,” IEEE Access / Springer chapter (2020 / 2021) — see DOI http://doi.org/10.1201/9780429270567-8 for the empirical assessment chapter “Deep Learning for Network Intrusion Detection: An Empirical Assessment.” DOI: http://doi.org/10.1201/9780429270567-8
S. Aldhaheri, B. A. Alzahrani, and S. Alshamrani, “SGAN-IDS: Self-Attention-Based Generative Adversarial Network for Synthetic Intrusion Generation and Detection,” Sensors, 2023. DOI: http://doi.org/10.3390/s23187796