Behaviour Classification of Cyber Attacks Using Convolutional Neural Networks

Behaviour Classification of Cyber Attacks Using Convolutional Neural Networks

Most existing proposals are invariably based on the assumption that defence mechanisms can filter malicious connections. This assumption cannot be guaranteed in practical applications. Remote connections generally bypass the firewall and virus detection engines by using legal network protocols, such as http, ICMP, and SSL; once connected, clients can upload malicious applications to the host. Defenders require an efficient network detection approach that can quickly learn new network behavioural features for detecting network intrusions. Deep learning (DL) can utilise enhanced features based on behaviour patterns extracted from intrusion detection datasets. Accordingly, this study focuses on network intrusion detection by using LeNet-5 model with back propagation incorporating ID3 decision tree scheme for feature reduction. In the study, behavioural feature selection, image matrix transformation, and weight comparison were used to classify network threats. The experimental results indicated that the prediction accuracy of threat classification increased with an increase in the size of the data sample (N). The prediction accuracy of intrusion detection increased up to 96.02% for six subcategories with N ≥ 10,000 and 93.75% for 39 subcategories with N ≥ 500. The overall accuracy rate was 94.89%.