SAPTHAGIRI COLLEGE OF ENGINEERING

(Affiliated to Visvesvaraya Technological University, Belagavi & Approved by AICTE, New Dehli)

Department of Information Science and engineering

NETWORK INTRUSION DETECTION SYSTEM USING RECURRENT NEURAL NETWORKS AND DEEP NEURAL
NETWORKS

BATCH- 15
Presented by:
Chandrakala C Y (1SG17IS023)
Anjana G Nadig (1SG18IS010)
Harshitha R (1SG18IS040)
Likhitha D J (1SG18IS054)
Under the guidance of
Chandini A
Assistant Professor
Dept.of ISE, SCE
Dept of ISE,SCE 2021-22 1
 CONTENTS Topics
01 INTRODUCTION
02 EXISTING SYSTEM
03 PROPOSED SYSTEM
04 LITERATURE SURVEY
05 FUNCTIONAL&NON-FUNCTIONAL REQUIREMENTS
06 HARDWARE REQUIREMENTS
07 SOFTWARE REQUIREMENTS
08 CONCLUSION

Dept of ISE,SCE 2021-22 2

 Introduction
An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious
activity or policy violations.
Any intrusion activity or violation is typically reported either to an administrator or collected centrally using a security
information and event management (SIEM) system.
 IDS types range in scope from single computers to large networks.
The most common classifications are Network intrusion detection systems (NIDS) and host-based intrusion detection systems
(HIDS). A system that monitors important operating system files is an example of an HIDS, while a system that analyzes incoming
network traffic is an example of an NIDS.
OBJECTIVES:
• IDS' are generally deployed with the purpose to monitor and analyze user and system activity, audit system configurations and
vulnerabilities, assess the integrity of any critical system and data files, perform statistical analysis of activity patterns based on
the matching to known attacks, detect abnormal activity and audit operating systems.

Dept of ISE,SCE 2021-22 3

 Existing System
DRAWBACKS OF EXISTING SYSTEM
Traditional machine algorithms are unsuitable when the size of the data set increases.

Most of the existing work focused on older datasets to detect network attacks.

Dept of ISE,SCE 2021-22 4

 Proposed System
ADVANTAGES OF PROPOSED SYSTEM
Deep learning algorithms are used since they are more suitable to large-scale data when
compared to traditional machine learning algorithms.

CICIDS 2017 dataset is being used to detect network attacks.

Attacks such as DOS, DDOS, Web Attacks, Bot Net attacks are detected.

The DNN based IDS is reliable and efficient in intrusion detection for identifying the specific
attack classes with required number of samples for training.

An RNN remembers each and every information through time. It is useful in time series
prediction only because of the feature to remember previous inputs as well.
Dept of ISE,SCE 2021-22 5
 Block Diagram

Figure 1. Proposed architecture of DNN.

Dept of ISE,SCE 2021-22 6
Title
1. Using Deep Learning Techniques for
Network Intrusion Detection
2.Network Intrusion Detection Based on
Deep Learning
Dept of ISE,SCE
Authors Highlights
Sara Al-Emadi evaluate the performance of the
proposed solution using different
evaluation matrices and we present
a comparison between the results of
our proposed solution to find the
best model for the network
intrusion detection system.
Wang Peng The results show that the proposed
method has a significant
improvement over the traditional
machine learning accuracy.
2021-22 7
 Title
Intrusion Detection System based
on Network Traffic using Deep
Neural Networks
Investigating Network Intrusion
Detection Datasets Using
Machine Learning
Dept of ISE,SCE
Authors Highlights
Dimitra Chamou The experimental results for the
real-time intrusion detection
system showed that the
proposed model can achieve
high accuracy, and low false
positive rate, while
distinguishing between
malicious and normal network
traffic.
Gabriel Chukwunonso Amaizu Results showed the model to
perform best for NSL-KDD,
followed by UNSW-NB15 and
CSECIC-IDS2018 respectively.
Model accuracy achieved for
these datasets were NSL-KDD
(97.89%), UNSW-NB15
(89.99%), and CSE-CIC-
IDS2018 (76.47%) was achieved.
2021-22 8
Functional Requirements
• We proposed an algorithm of deep neural networks or DNN that contains 41 layers of input, 4 layers of hidden
and 2 layers of output, the neurons in input-layer to hidden-layer and hidden to output-layer are connected
completely, and with 100 iterations.
• The learning is kept constant at 0.01 while the other parameters are optimized.
• After that for DNN, the number of neurons of the first hidden layer was further increased to 1280 but did not give
any appreciable increase in accuracy. Therefore, the number of neurons was set to 1024.
• Conventionally, increasing the count of the layers results in better results compared to increasing the neuron count
in a layer. Therefore, the following network topologies were used in order to scrutinize and conclude the optimum
network structure for our input data. We proposed a DNN architecture with 1, 2, 3, 4 layers for all use cases.

Dept of ISE,SCE
2021-22 9
Non functional Requirements

Reliability: The system should be trustworthy and reliable in providing

the functionalities.
Scalability: The system should be scalable enough to add new
functionalities at a later stage.
Maintainability: The system monitoring and maintenance should be
simple and objective in this approach.

Dept of ISE,SCE
2021-22 10
 Hardware Requirements
Processor: Above 1.5GHZ
Hard Disk: 80GB
RAM: 2GB

SOFTWARE REQUIREMENTS
Language: Python
 OS: Windows 10(64bit)
 Package- Python 3.7
Software- Anaconda

Dept of ISE,SCE 2021-22 11

 Conclusion
RNN and DNN models are being implemented to detect attacks using CICIDS 2017 dataset. Binary
classification of attacks is focused in this implementation. Most of the researches proposed their system with the
older dataset, we will implement using the newest datasets (CICIDS) using RNN and DNN.

Dept of ISE,SCE 2021-22 12

 Thank You

Dept of ISE,SCE 2021-22 13