Deep and Machine Learning Approaches for Anomaly-Based Intrusion Detection of Imbalanced Network Traffic

Recently, cybersecurity threats have increased dramatically, and the techniques used by the attackers continue to evolve and become ingenious during the attack. Moreover, the complexity and frequent occurrence of imbalanced class distributions in most datasets indicate the need for extra research efforts. The objective of this article is to utilize various techniques for handling imbalanced datasets to build an effective intrusion detection system from the up-to-date Coburg Intrusion Detection Dataset-001 (CIDDS-001) dataset. The effectiveness of sampling methods on CIDDS-001 is carefully studied and experimentally evaluated through deep neural networks, random forest, voting, variational autoencoder, and stacking machine learning classifiers. The proposed system was able to detect attacks with up to 99.99% accuracy when handling the imbalanced class distribution with fewer samples, making it more convenient in real-time data fusion problems that target data classification.