A Spectrogram Image-Based Network Anomaly Detection System Using Deep Convolutional Neural Network

The dynamics of computer networks have changed rapidly over the past few years due to a tremendous increase in the volume of the connected devices and the corresponding applications. This growth in the network's size and our dependence on it for all aspects of our life have therefore resulted in the generation of many attacks on the network by malicious parties that are either novel or the mutations of the older attacks. These attacks pose many challenges for network security personnel to protect the computer and network nodes and corresponding data from possible intrusions. A network intrusion detection system (NIDS) can act as one of the efficient security solutions by constantly monitoring the network traffic to secure the entry points of a network. Despite enormous efforts by researchers, NIDS still suffers from a high false alarm rate (FAR) in detecting novel attacks. In this paper, we propose a novel NIDS framework based on a deep convolution neural network that utilizes network spectrogram images generated using the short-time Fourier transform. To test the efficiency of our proposed solution, we evaluated it using the CIC-IDS2017 dataset. The experimental results have shown about 2.5% - 4% improvement in accurately detecting intrusions compared to other deep learning (DL) algorithms while at the same time reducing the FAR by 4.3%-6.7% considering binary classification scenario. We also observed its efficiency for a 7-class classification scenario by achieving almost 98.75% accuracy with 0.56% - 3.72% improvement compared to other DL methodologies.