Network Intrusion Detection Using LSTM-Based Models
摘要
A major challenge in detecting anomalies in dataset is the need for labeled data to train and validate models. In this paper, we analyze a novel approach that use the Long Short-Term Memory (LSTM) to identify attacks in an imbalanced dataset. Importantly, our models are trained exclusively on examples from the normal class. The LSTM is specifically trained to recognize the typical traffic patterns in normal data and to create a compressed representation of the input data. With a focus on real-time detection, this paper illuminates the path to a new era of proactive network security, where dynamic, context-aware anomaly detection stands as the vanguard against the ever-evolving landscape of cyberattacks. With a commitment to achieving more than 99% accuracy, we meticulously outline our methodology for preprocessing the CICIDS2018 dataset, encompassing data cleaning and feature engineering, particularly in the presence of imbalanced datasets where normal instances significantly outnumber anomalous ones. We detailed the methodology for preprocessing the CICIDS2018 dataset.