Image Classifiers for Network Intrusions
David A. Noever, Samantha E. Miller Noever
TL;DR
This paper transforms network intrusion data into images to leverage deep learning, achieving high accuracy in detecting attacks and identifying attack types, with insights into feature importance for network security.
Contribution
It introduces a novel image-based approach to network intrusion detection using deep learning on grayscale thumbnails derived from network data.
Findings
97% accuracy in distinguishing normal and attack traffic
56% accuracy in classifying 9 attack families
Identification of key source-destination factors using feature importance
Abstract
This research recasts the network attack dataset from UNSW-NB15 as an intrusion detection problem in image space. Using one-hot-encodings, the resulting grayscale thumbnails provide a quarter-million examples for deep learning algorithms. Applying the MobileNetV2's convolutional neural network architecture, the work demonstrates a 97% accuracy in distinguishing normal and attack traffic. Further class refinements to 9 individual attack families (exploits, worms, shellcodes) show an overall 56% accuracy. Using feature importance rank, a random forest solution on subsets show the most important source-destination factors and the least important ones as mainly obscure protocols. The dataset is available on Kaggle.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsNetwork Security and Intrusion Detection · Anomaly Detection Techniques and Applications · Internet Traffic Analysis and Secure E-voting