This repository contains the implementation of a Network Intrusion Detection System (NIDS) using deep learning techniques. The system is designed to detect various types of network intrusions by analyzing network traffic data. The models implemented include CNN, LSTM, and One-vs-Rest (OvR) variants of these models.
Dataset
The models are trained on a subset of the NF-UQ-NIDS-V2 dataset, which is a comprehensive dataset for network intrusion detection. The dataset includes various types of attacks such as DDoS, DoS, Brute Force, XSS, and more. The dataset is highly imbalanced, with benign, DoS, and DDoS traffic constituting the majority of instances.
Models
The following deep learning models are implemented and evaluated:
- CNN (Convolutional Neural Network)
- LSTM (Long Short-Term Memory)
- OvR CNN (One-vs-Rest CNN)
- OvR LSTM (One-vs-Rest LSTM)
The models are trained to classify network traffic into multiple categories, including normal traffic and various types of attacks.
Results
The models achieved high accuracy, with the LSTM-based OvR model performing the best.
Usage
- dataset_exploration.ipynb: Contains code for dataset exploration.
- stratifiedkfold-split.ipynb: Contains code for creating a sample dataset using a stratified k-fold split.
- feature-selection.ipynb and feature-extraction-ovr.ipynb: Contain code for feature extraction for OvR and non-OvR models.
- nf-uq-nids-v2-dl-models.ipynb: Contains code for non-OvR CNN and LSTM models.
- ovr-model-training-lstm.ipynb: Contains code for OvR LSTM models.
- ovr-model-training-cnn.ipynb: Contains code for OvR CNN models.
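
An added sketch, not taken from the repository's notebooks, of the two data-preparation steps named above: drawing a class-preserving sample with a stratified k-fold split and deriving One-vs-Rest targets from it. The label counts are constructed and the function names are hypothetical; only the Python standard library is used.

```python
import random
from collections import Counter, defaultdict

def stratified_folds(labels, k, seed=0):
    """Assign every row index to one of k folds, preserving class ratios."""
    rng = random.Random(seed)
    by_class = defaultdict(list)
    for idx, label in enumerate(labels):
        by_class[label].append(idx)
    folds = [[] for _ in range(k)]
    offset = 0
    for label in sorted(by_class):
        idxs = by_class[label]
        rng.shuffle(idxs)
        # Deal round-robin, continuing where the previous class stopped, so
        # leftovers from small classes do not all pile into fold 0.
        for j, idx in enumerate(idxs):
            folds[(offset + j) % k].append(idx)
        offset += len(idxs)
    return folds

def ovr_targets(labels, classes):
    """One binary target vector per class: 1 for that class, 0 for the rest."""
    return {c: [int(l == c) for l in labels] for c in classes}

def positive_rate(binary):
    """Fraction of positives that a single OvR model sees."""
    return sum(binary) / len(binary)

# Constructed label counts (not the real NF-UQ-NIDS-V2 distribution).
COUNTS = {"Benign": 5000, "DDoS": 3000, "DoS": 1500, "Brute Force": 40, "XSS": 7}
LABELS = [name for name, n in COUNTS.items() for _ in range(n)]

def sample_subset(labels=LABELS, k=5):
    """Use fold 0 of a stratified k-fold split as the sample dataset."""
    return [labels[i] for i in stratified_folds(labels, k)[0]]

if __name__ == "__main__":
    subset = sample_subset()
    print(Counter(subset))
    for cls, y in ovr_targets(subset, sorted(COUNTS)).items():
        print(f"{cls:12s} positives={sum(y):5d} rate={positive_rate(y):.4f}")
```

On this constructed data the sample keeps every class, but the XSS-vs-rest target has only 2 positives in 1910 rows, so per-class recall says more about the rare-attack models than overall accuracy does.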