Recent advances in machine learning have shown promising results for detecting network intrusions through supervised machine learning. However, such techniques are ineffective against new types of attacks. In the preferred unsupervised and semi-supervised cases, these newer techniques suffer from lower accuracy and higher rates of false alarms. This work proposes a machine learning model that combines an auto-encoder with a one-class support vector machine. In this model, the auto-encoder learns the representation of the input data in a latent space and reduces the dimensionality of the input data. The dimensionality-reduced input is then extracted from the auto-encoder and passed to a one-class support vector machine, which classifies the network event as an attack or a normal event. The model is trained on normal network events only. The proposed model is then evaluated and compared with several existing models. It achieves high accuracy when tested on the NSL-KDD and KDD99 datasets, with total accuracies of 96.24% and 99.45%, respectively.
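The pipeline the abstract describes, as an added sketch that is not the paper's code: an auto-encoder is trained on normal events only, its bottleneck activations are extracted, and a one-class SVM is fitted on those latent codes. The synthetic 8-feature events, the use of scikit-learn's `MLPRegressor` as the auto-encoder, the 8-2-8 layout and all hyperparameters are assumptions made for illustration.

```python
import numpy as np
from sklearn.neural_network import MLPRegressor
from sklearn.preprocessing import StandardScaler
from sklearn.svm import OneClassSVM

# Constructed mixing matrix: 2 hidden traffic factors -> 8 observed features.
MIX = np.array([[1.0, 0.5, -0.3, 0.8, 0.0, 0.2, -0.6, 0.4],
                [-0.4, 1.0, 0.7, 0.0, 0.9, -0.5, 0.3, 0.1]])

def make_events(rng, n, attack=False):
    """Constructed sample data (not NSL-KDD): attacks push the hidden factors far out."""
    z = rng.normal(loc=6.0 if attack else 0.0,
                   scale=0.5 if attack else 1.0, size=(n, 2))
    return z @ MIX + 0.05 * rng.normal(size=(n, 8))

def encode(ae, x):
    """Latent code = activations of the auto-encoder's bottleneck layer."""
    return np.tanh(x @ ae.coefs_[0] + ae.intercepts_[0])

def run_pipeline(seed=0):
    rng = np.random.default_rng(seed)
    train_normal = make_events(rng, 1000)
    test_normal = make_events(rng, 500)
    test_attack = make_events(rng, 500, attack=True)

    scaler = StandardScaler().fit(train_normal)   # fitted on normal events only
    x_train = scaler.transform(train_normal)

    # Auto-encoder 8 -> 2 -> 8, trained to reproduce its own input.
    ae = MLPRegressor(hidden_layer_sizes=(2,), activation="tanh", solver="lbfgs",
                      max_iter=2000, random_state=seed).fit(x_train, x_train)

    # One-class SVM learns the boundary of normal traffic in latent space.
    ocsvm = OneClassSVM(kernel="rbf", gamma="scale", nu=0.05)
    ocsvm.fit(encode(ae, x_train))

    def flagged(x):
        """Fraction of events predicted -1 (outlier, i.e. treated as an attack)."""
        latent = encode(ae, scaler.transform(x))
        return float(np.mean(ocsvm.predict(latent) == -1))

    return {"false_alarm_rate": flagged(test_normal),
            "detection_rate": flagged(test_attack)}

if __name__ == "__main__":
    print(run_pipeline())
```

The `nu` parameter bounds the fraction of training events left outside the learned boundary, so it is the knob that trades false alarms against missed attacks in this setup.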