With the popularity and development of network technology and the Internet, intrusion detection systems (IDSs), which can identify attacks, have been developed. Traditional intrusion detection algorithms typically employ mining association rules to identify intrusion behaviors. However, they fail to fully extract the characteristic information of user behaviors and encounter various problems, such as high false alarm rate (FAR), poor generalization capability, and poor timeliness. In this paper, we propose a network intrusion detection model based on a convolutional neural network-IDS (CNN-IDS). Redundant and irrelevant features in the network traffic data are first removed using different dimensionality reduction methods. Features of the dimensionality reduction data are automatically extracted using the CNN, and more effective information for identifying intrusion is extracted by supervised learning. To reduce the computational cost, we convert the original traffic vector format into an image format and use a standard KDD-CUP99 dataset to evaluate the performance of the proposed CNN model. The experimental results indicate that the AC, FAR, and timeliness of the CNN-IDS model are higher than those of traditional algorithms. Therefore, the model we propose has not only research significance but also practical value.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.