Intrusion Detection system based on Deep Learning

Abstract

As the number of devices on the internet increases, the need to protect against intrusions becomes crucial. An Intrusion Detection System (IDS) distinguishes incoming malicious network data from benign data. Traditional signature-based IDS are vulnerable to novel attacks, bringing the need for anomaly-based IDS that use machine learning to detect newer attacks.

The thesis aims to research anomaly-based IDS focusing on deep learning methods. Traditional deep learning approaches are compared with Generative Adversarial Networks (GAN) and adversarial machine learning approaches. The methods are evaluated using statistical measures on two different datasets. During the evaluation phase, adversarial samples are considered along with benign and known attack samples. Finally, the best approach is benchmarked against existing open-source anomaly-based IDS.

An approach employing a GAN to create adversarial samples performs better than all the other considered approaches. Additionally, the approach performs on par with existing anomaly-based IDS in the case of adversarial data points. We conclude that GAN-based approaches can be further developed to create intrusion detection systems that effectively defend against novel and adversarial attacks.