Robust Deep Learning Based Framework for Detecting Cyber Attacks from Abnormal Network Traffic

TL;DR: The proposed model RNN-LDA is used to learn time-ordered sequences of network flow traffic and assess its performance in detecting abnormal behaviour and is more effective than traditional tactics at ensuring high levels of privacy.

Abstract: The internet's recent rapid growth and expansion have raised concerns about cyberattacks, which are constantly evolving and changing. As a result, a robust intrusion detection system was needed to safeguard data. One of the most effective ways to meet this problem was by creating the artificial intelligence subfields of machine learning and deep learning models. Network integration is frequently used to enable remote management, monitoring, and reporting for cyber-physical systems (CPS). This work addresses the primary assault categories such as Denial of Services(DoS), Probe, User to Root(U2R) and Root to Local(R2L) attacks. As a result, we provide a novel Recurrent Neural Networks (RNN) cyberattack detection framework that combines AI and ML techniques. To evaluate the developed system, we employed the Network Security Laboratory-Knowledge Discovery Databases (NSL-KDD), which covered all critical threats. We used normalisation to eliminate mistakes and duplicated data before pre-processing the data. Linear Discriminant Analysis(LDA) is used to extract the characteristics. The fundamental rationale for choosing RNN-LDA for this study is that it is particularly efficient at tackling sequence issues, time series prediction, text generation, machine translation, picture descriptions, handwriting recognition, and other tasks. The proposed model RNN-LDA is used to learn time-ordered sequences of network flow traffic and assess its performance in detecting abnormal behaviour. According to the results of the experiments, the framework is more effective than traditional tactics at ensuring high levels of privacy. Additionally, the framework beats current detection techniques in terms of detection rate, false positive rate, and processing time.