Network intrusion detection based on the temporal convolutional model

Recurrent networks have been adopted as default architecture in approaches performing sequence modelling of network intrusion detection problems. However, models based on Recurrent Neural Network (RNN) architecture have some limitations regarding computation complexity and detection performance due to information loss. Recent studies suggested that certain convolutional-based architectures that can natively process temporal data outperform recurrent networks in time series modelling, such as speech synthesis and machine translation. Inspired by the success of temporal-based convolutional architectures in other domains, this paper designs and implements four temporal-based convolutional models in network intrusion detection and studies their classification performance. The models are based on MINImally RandOm Convolutional KErnel Transform (MiniRocket), eXplainable Convolutional Neural Network for Multivariate Time Series Classification (XCM), One-Dimensional Convolution Neural Network (OS-CNN), and Time Series Transformer (TST) architecture. We evaluate our models using the effectiveness and efficiency metrics based on CICDDoS2019 and CSE-CIC-IDS2018 datasets. Every model has achieved a high evaluation performance in the range between 98.07% and 99.99% in most considered metrics using the test dataset. MiniRocket and OS-CNN obtained the highest evaluation results regarding the effectiveness metrics. The high evaluation results suggest that they can improve the detection effectiveness of approaches formulating network intrusion detection as a time series task.