A Framework for implementing an ML or DL model to improve Intrusion Detection Systems (IDS) in the NTMA context, with an example on the dataset (CSE-CIC-IDS2018)

Abstract

The objective of this work is to present a framework to be followed to model, test, validate and implement a DL model for anomaly, abuse, malware or botnet detection, with the aim of implementing or improving an Intrusion Detection System (IDS) within the NTMA framework, by means of new machine learning and deep learning techniques, which addresses reliability and processing speed considerations. The said process will be used to perform studies on ML and DL models used for cybersecurity in isolation and in combination to extract conclusions, which can help in the improvement of intrusion detection systems using massive data collection techniques used in Big-Data. The example discussed in this work implemented part of our framework by applying the CNN algorithm on the CSE-CIC-IDS2018 dataset. The results are encouraging for the use of ML in IDS, with an efficiency that exceeds 92% after 30 iterations. Thus, this model remains to be improved and tested on real networks.