dc.description.abstract |
The rising sophistication of cyber threats necessitates the prompt adoption of sophisticated and accurate Network Intrusion Detection Systems (NIDS) to safeguard digital assets. However, many challenges are faced in the design of a robust, efficient and
accurate IDS, especially when it concerns high-dimensional anomaly data and unforeseen, unpredictable attacks. Traditional machine and deep learning techniques,
for instance, Convolutional Neural Networks (CNNs), Recurrent Neural Networks
(RNNs) and Random Forest, usually struggle to capture long-range dependencies in network traffic, leading to inferior detection rates. In this study, we propose
TransDNN, a hybrid of Transformer and DNN. It harnesses the Transformer model
to capture the complex patterns in the network data, followed by a DNN classification module that classifies the network traffic as normal or anomalous.
In contrast to most of the prior approaches, TransDNN employs a hybrid sampling
technique to handle dataset imbalance. Furthermore, by leveraging Stacked Auto
Encoder (SAE) for dimensionality reduction, TransDNN remains dataset-agnostic,
which allows our model to be applied seamlessly to different datasets without the need for dataset-specific preprocessing or feature selection. This versatility
ensures that the same model can generalize well across different Network Intrusion
Detection datasets with minimal to no dataset-specific manual intervention. To
validate the efficacy and efficiency of the TransDNN framework, several ablation
studies are performed using three benchmark datasets: NSL-KDD, UNSW-NB15
and CIC-IDS2017. The training datasets comprise 125,973, 175,341 and 1,400,000
samples for NSL-KDD, UNSW-NB15 and CIC-IDS2017, respectively. The performance was measured in terms of accuracy, precision, recall, F1 Score, and confusion
matrices. TransDNN offers good results of 91.2% on the NSL-KDD dataset, 99.6%
on the UNSW-NB15 dataset and 99.66% on CIC-IDS2017, thereby showcasing its
efficiency in the intrusion detection task. In addition, the parameters of the model
can be reduced without significant loss in accuracy. |
en_US |