In the ever-evolving landscape of cybersecurity, with the rapid proliferation of network attacks—ranging from simple port scans to sophisticated Advanced Persistent Threats—the identification of malicious activity within network traffic has become critical. An Intrusion Detection System (IDS) is a security tool designed to monitor network or system activity for malicious events or policy violations; its core purpose is to act as a digital watchdog, identifying potential threats and alerting administrators. Traditional IDS often rely on signature-based or shallow learning techniques, which can be ineffective against novel or obfuscated attacks. This research presents an improved Convolutional Neural Network (CNN)-based IDS that raises detection accuracy while maintaining computational efficiency. The proposed model introduces architectural modifications to standard CNNs, including optimized kernel sizes, adaptive pooling strategies, and feature fusion techniques, to better capture temporal and spatial patterns in network traffic data.
I. Introduction
Traditional Intrusion Detection Systems (IDS) struggle to detect new or evolving cyber threats due to reliance on predefined signatures.
The rise of machine learning (ML) and especially deep learning offers more adaptive solutions.
Convolutional Neural Networks (CNNs), though designed for image processing, are now being repurposed for network traffic analysis due to their ability to detect complex patterns.
The study proposes an improved CNN-based IDS capable of detecting both known and unknown attacks, with high accuracy and low false positive rates.
II. Literature Review
Early ML models (SVM, Random Forest) needed manual feature engineering and were not effective with complex traffic patterns.
CNNs enable automatic feature extraction by converting network data into visual/sequential formats.
Limitations of standard CNNs (e.g., lack of temporal awareness) have been addressed with:
- 1D CNNs
- Hybrid models (CNN + LSTM/GRU)
- Attention mechanisms
- Improved data representations
Public datasets like CICIDS2017 and UNSW-NB15 support development and benchmarking.
III. Methodology
The system follows a 5-phase process:
1. Data Preparation
   - Uses datasets such as NSL-KDD and CICIDS2017
   - Preprocessing: encoding, normalization, and SMOTE for class balancing
2. Data Transformation
   - Converts tabular data into 1D arrays suitable for CNN input
3. Improved CNN Architecture
   - Uses 1D convolutions, residual connections, batch normalization, and dropout
   - Final classification using softmax/sigmoid
4. Training & Evaluation
   - Optimized with the Adam optimizer; metrics: accuracy, precision, recall, F1-score
   - Techniques such as early stopping ensure the best model is retained
5. Performance Analysis
   - Assesses accuracy, false positives, generalization to unknown attacks, and inference speed for real-time detection
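The data-preparation and data-transformation phases above, as an added standard-library Python example that is not the paper's code: it fits the encoder on the training split only (so test-set value ranges cannot leak into normalization), one-hot encodes categoricals, min-max scales numerics with clipping, balances the minority class with a SMOTE-style interpolation, and reshapes each vector into the single-channel 1D array a 1D CNN consumes. The NSL-KDD-style rows, column names and values are constructed placeholders.

```python
import random
# Constructed NSL-KDD-style records; column names and values are illustrative only.
TRAIN = [
    {"duration": 0, "protocol": "tcp", "src_bytes": 181, "label": "normal"},
    {"duration": 2, "protocol": "udp", "src_bytes": 105, "label": "normal"},
    {"duration": 5, "protocol": "icmp", "src_bytes": 1032, "label": "normal"},
    {"duration": 0, "protocol": "tcp", "src_bytes": 0, "label": "attack"},
    {"duration": 1, "protocol": "tcp", "src_bytes": 520, "label": "attack"},
]
NUMERIC, CATEGORICAL = ["duration", "src_bytes"], ["protocol"]

def fit_encoder(rows):
    """Learn vocabularies and min/max from the TRAINING split only (no test-set leakage)."""
    cats = {c: sorted({r[c] for r in rows}) for c in CATEGORICAL}
    ranges = {n: (min(r[n] for r in rows), max(r[n] for r in rows)) for n in NUMERIC}
    return cats, ranges

def encode(row, cats, ranges):
    """Min-max scale numerics to [0, 1] (clipped) and one-hot categoricals (unseen -> zeros)."""
    vec = []
    for n in NUMERIC:
        lo, hi = ranges[n]
        x = 0.0 if hi == lo else (row[n] - lo) / (hi - lo)
        vec.append(min(1.0, max(0.0, x)))  # clip so out-of-range live traffic stays bounded
    for c in CATEGORICAL:
        vec.extend(1.0 if row[c] == v else 0.0 for v in cats[c])
    return vec

def smote(minority, n_new, k=2, seed=0):
    """SMOTE: interpolate between a random minority sample and one of its k nearest neighbours."""
    if len(minority) < 2 or n_new <= 0:
        return []
    rng, out = random.Random(seed), []
    for _ in range(n_new):
        a = rng.choice(minority)
        neighbours = sorted((x for x in minority if x is not a), key=lambda x: sum((p - q) ** 2 for p, q in zip(a, x)))
        b, lam = rng.choice(neighbours[:k]), rng.random()
        out.append([p + lam * (q - p) for p, q in zip(a, b)])
    return out

def prepare(train_rows):
    """Data-preparation phase: fit, encode, SMOTE-balance, reshape to (channels=1, length)."""
    cats, ranges = fit_encoder(train_rows)
    by_label = {}
    for r in train_rows:
        by_label.setdefault(r["label"], []).append(encode(r, cats, ranges))
    X, y, target = [], [], max(len(v) for v in by_label.values())
    for label, vecs in by_label.items():
        for v in vecs + smote(vecs, target - len(vecs)):
            X.append([v]); y.append(label)  # [v] adds the single channel axis a 1D CNN expects
    return X, y, (cats, ranges)
```

The returned `(cats, ranges)` must be persisted with the model, because live traffic has to be encoded with exactly the vocabularies and ranges seen at training time.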
IV. System Implementation
Development Stack:
- Python, TensorFlow/PyTorch, Pandas, and related libraries
Data Reshaping:
- Convert to 1D vectors for CNN compatibility
CNN Model:
- Uses multi-layer 1D convolutional filters to extract varied features
- BatchNorm + ReLU + MaxPooling to improve learning and reduce overfitting
- Fully connected + output layer for classification
Training & Testing:
- Model trained with cross-entropy loss and early stopping
- Evaluation on unseen test data
Intrusion Detection Module:
- Model used to make real-time predictions
- Triggers alerts upon detection of malicious activity
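The evaluation on unseen test data and the intrusion detection module described above, as an added standard-library Python example that is not the paper's code: it derives the confusion matrix and the metrics the paper reports (accuracy, precision, recall, F1-score, false positive rate) from model scores, sweeps the alert threshold to expose the recall/false-positive trade-off behind a single operating point, and emits alert records. Flow identifiers (RFC 5737 documentation addresses), labels and softmax probabilities are constructed, and the threshold sweep generalizes the one operating point the paper reports.

```python
# Constructed evaluation set: flow ids, ground truth and the model's softmax "attack"
# probabilities. None of this is real traffic or real model output.
FLOWS = [f"192.0.2.{i}->198.51.100.7:443" for i in range(1, 11)]
Y_TRUE = [1, 1, 1, 1, 0, 0, 0, 0, 0, 0]  # 1 = attack, 0 = normal
PROBS = [0.97, 0.88, 0.62, 0.41, 0.05, 0.12, 0.55, 0.30, 0.02, 0.71]

def predict(probs, threshold=0.5):
    """Turn attack probabilities into class labels; the threshold is the tunable operating point."""
    return [1 if p >= threshold else 0 for p in probs]

def confusion(y_true, y_pred):
    """Count outcomes with 'attack' as the positive class."""
    c = {"tp": 0, "fp": 0, "tn": 0, "fn": 0}
    for t, p in zip(y_true, y_pred):
        c[("tp" if t else "fp") if p else ("fn" if t else "tn")] += 1
    return c

def metrics(y_true, y_pred):
    """Accuracy, precision, recall, F1 and false positive rate; 0/0 is reported as 0.0."""
    c = confusion(y_true, y_pred)
    ratio = lambda a, b: a / b if b else 0.0
    precision, recall = ratio(c["tp"], c["tp"] + c["fp"]), ratio(c["tp"], c["tp"] + c["fn"])
    return {
        "accuracy": ratio(c["tp"] + c["tn"], sum(c.values())),
        "precision": precision,
        "recall": recall,
        "f1": ratio(2 * precision * recall, precision + recall),
        "fpr": ratio(c["fp"], c["fp"] + c["tn"]),  # the number the analyst queue feels most
    }

def operating_points(y_true, probs, thresholds=(0.5, 0.8)):
    """Evaluate the same scores at several thresholds to choose an operating point before deployment."""
    return {t: metrics(y_true, predict(probs, t)) for t in thresholds}

def detect(flows, probs, threshold=0.5):
    """Detection module: emit one alert record per flow whose score clears the threshold."""
    return [{"flow": f, "score": p, "action": "ALERT"} for f, p in zip(flows, probs) if p >= threshold]

def expected_daily_false_alerts(fpr, benign_flows_per_day):
    """Translate a false positive rate into analyst load at network volumes."""
    return fpr * benign_flows_per_day
```

At the paper's 1.2% false positive rate, expected_daily_false_alerts(0.012, 1_000_000) shows that a sensor seeing a million benign flows a day would raise about 12,000 false alerts, which is why the operating point matters as much as the headline accuracy.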
V. Results & Discussion
Performance Metrics:
- Accuracy: 98.7%
- Precision: 98.4%
- Recall: 98.9%
- F1-Score: 98.6%
- False Positive Rate: 1.2%
Comparative Advantage:
- Outperforms traditional models and even standard CNNs
- Handles both known and unknown attacks
- No manual feature engineering required
- Enhanced architecture enables better generalization and robustness
Limitations:
- Requires large labeled datasets
- Needs frequent retraining to keep up with evolving threats
Future Directions:
- Integrate online learning for real-time adaptation
- Explore hybrid models for sequential and contextual analysis (e.g., CNN + RNN)
- Improve dataset availability and quality
VI. Conclusion
In this project, we built an Intrusion Detection System (IDS) around an enhanced Convolutional Neural Network (CNN), with the goal of identifying cyber threats more accurately and flexibly. The upgraded CNN learned intricate patterns in network traffic effectively, which allowed it to distinguish typical from harmful network activity with high accuracy. Our method is a significant improvement over standard IDS solutions that depend on predefined rules or manually created features, because the CNN automatically discovers and learns features in a layered way. By fine-tuning the CNN's design—for example, by adding more advanced layers, using adaptive activation functions, or applying regularization techniques—we made the model more versatile, which improved its generalization to new data and reduced both false alarms and missed detections.