Towards Robust and Resilient Network Intrusion Detection System
Machine learning (ML) and deep learning (DL) advancements have greatly enhanced anomaly detection in network intrusion detection systems (NIDS) by empowering them to analyze big data and extract patterns. ML/DL-based NIDS are trained using either flow-based or packet-based features. Flow-based NIDS are suitable for offline traffic analysis, while packet-based NIDS can analyze traffic and detect attacks in real time. This research proposes a novel artificial intelligence (AI)-enabled methodological framework for packet-based NIDS that effectively analyzes header and payload data and considers temporal connections among packets. The AI-enabled framework transforms sequential packets into a two-dimensional image, which is then passed through a convolutional neural network-based intrusion detector model. The study investigates the robustness of this AI methodology against adversarial samples and evaluates its domain adaptability.
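An illustration of the packets-to-image step described above, added here and not taken from the paper or its code: it assumes each packet becomes one image row of raw header and payload bytes, truncated or zero-padded to a fixed width, and that a sliding window of consecutive packets forms the image. The window size, row width, function names and sample packets are all constructed assumptions.

```python
from collections import deque

ROWS = 4    # packets per image (assumed; the page gives no value)
COLS = 16   # bytes kept per packet (assumed; the page gives no value)


def packet_row(pkt, cols=COLS):
    """Map raw packet bytes (header + payload) to one fixed-width row in [0, 1].

    Long packets are truncated and short ones zero-padded, so every row has
    the same width regardless of packet length.
    """
    padded = pkt[:cols].ljust(cols, b"\x00")
    return [b / 255.0 for b in padded]


def packet_images(packets, rows=ROWS, cols=COLS):
    """Yield a rows x cols image for each packet once `rows` packets have arrived.

    The window slides by one packet, so row order preserves the arrival order
    of the last `rows` packets and a detector can score traffic per packet
    instead of waiting for a flow to finish.
    """
    window = deque(maxlen=rows)
    for pkt in packets:
        window.append(packet_row(pkt, cols))
        if len(window) == rows:
            yield [list(row) for row in window]


# Constructed sample input: six synthetic "packets" of different lengths.
SAMPLE_PACKETS = [
    bytes([value]) * length
    for value, length in ((0x45, 40), (0xFF, 8), (0x10, 16),
                          (0x20, 20), (0x30, 3), (0x40, 64))
]


def build_sample_images():
    """Return every image produced from SAMPLE_PACKETS."""
    return list(packet_images(SAMPLE_PACKETS))


if __name__ == "__main__":
    for i, img in enumerate(build_sample_images()):
        print(f"image {i}: {len(img)}x{len(img[0])}, first pixel {img[0][0]:.3f}")
```

Each yielded image would be the input tensor for a CNN classifier; how the real framework sizes, orders or masks the bytes is not stated on this page.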
Related paper:
Towards Real-time Network Intrusion Detection with Image-based Sequential Packets Representation