A content-based deep intrusion detection system

The growing number of Internet users and the prevalence web applications make it necessary to deal with very complex software in network. This results an increasing new vulnerabilities systems, leading increase cyber threats and, particular, zero-day attacks. cost generating appropriate signatures for these attacks is a potential motive using machine learning-based methodologies. Although there are many studies on methods attack detection, they generally use extracted features overlook raw contents. approach can lessen performance detection systems against content-based like SQL injection, Cross-site Scripting (XSS), various viruses. In this work, we propose framework, called deep intrusion (DID) system, that uses pure content traffic flows addition metadata learning phases passive DNN IDS. To end, deploy evaluate offline IDS following framework LSTM as technique. Due inherent nature learning, process high-dimensional data accordingly, discover sophisticated relations between auto traffic. proposed DID CIC-IDS2017 CSE-CIC-IDS2018 datasets. evaluation metrics, such precision recall, reach 0.992 0.998 CIC-IDS2017, 0.933 0.923 CSE-CIC-IDS2018, respectively, which show high method.