RICNN: A ResNet&Inception Convolutional Neural Network for Intrusion Detection of Abnormal Traffic

Benhui Xia1, Dezhi Han1, Ximing Yin2 and Na Gao1

  1. College of Information Engineering, Shanghai Maritime University
    200031 Shanghai, China
    {201930310092}@stu.shmtu.edu.cn, dzhan@shmtu.edu.cn
  2. The Third Research Institute of Ministry of Public Security
    201306 Shanghai, China

Abstract

To secure cloud computing and outsourced data while meeting the requirements of automation, many intrusion detection schemes based on deep learning are proposed. Though the detection rate of many network intrusion detection solutions can be quite high nowadays, their identification accuracy on imbalanced abnormal network traffic still remains low. Therefore, this paper proposes a ResNet &Inception-based convolutional neural network (RICNN) model to abnormal traffic classification. RICNN can learn more traffic features through the Inception unit, and the degradation problem of the network is eliminated through the direct mapping unit of ResNet, thus the improvement of the model’s generalization ability can be achievable. In addition, to simplify the network, an improved version of RICNN, which makes it possible to reduce the number of parameters that need to be learnt without degrading identification accuracy, is also proposed in this paper. The experimental results on the dataset CICIDS2017 show that RICNN not only achieves an overall accuracy of 99.386% but also has a high detection rate across different categories, especially for small samples. The comparison experiments show that the recognition rate of RICNN outperforms a variety of CNN models and RNN models, and the best detection accuracy can be achieved.

Key words

Intrusion Detection, ResNet, Inception, CNN, Traffic Classification, Imbalanced Samples

Digital Object Identifier (DOI)

https://doi.org/10.2298/CSIS210617055X

How to cite

Xia, B., Han, D., Yin, X., Gao, N.: RICNN: A ResNet&Inception Convolutional Neural Network for Intrusion Detection of Abnormal Traffic. Computer Science and Information Systems, https://doi.org/10.2298/CSIS210617055X