Deep Learning-Based IDSs

  • Kwangjo Kim
  • Muhamad Erza Aminanto
  • Harry Chandra Tanuwidjaja
Part of the SpringerBriefs on Cyber Security Systems and Networks book series (BRIEFSCSSN)


This chapter reviews recent IDSs leveraging deep learning models as their methodology which were published during 2016 and 2017. The critical issues like problem domain, methodology, dataset, and experimental result of each publication will be discussed. These publications can be classified into three different categories according to deep learning classification in Chap.  4, namely, generative, discriminative, and hybrid. The generative model group consists of IDSs that use deep learning models for feature extraction only and use shallow methods for the classification task. The discriminative model group contains IDSs that use a single deep learning method for both feature extraction and classification task. The hybrid model group includes IDSs that use more than one deep learning method for generative and discriminative purposes. All IDSs are compared to overview the advancement of deep learning in IDS researches.


Deep Learning Models Shallow Methods Short-Term Memory Recurrent Neural Networks Distributed Denial Of Service (DDoS) Collective Anomalies 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    S. S. Roy, A. Mallik, R. Gulati, M. S. Obaidat, and P. Krishna, “A deep learning based artificial neural network approach for intrusion detection,” in International Conference on Mathematics and Computing. Springer, 2017, pp. 44–53.Google Scholar
  2. 2.
    S. Potluri and C. Diedrich, “Accelerated deep neural networks for enhanced intrusion detection system,” in Emerging Technologies and Factory Automation (ETFA), 2016 IEEE 21st International Conference on. IEEE, 2016, pp. 1–8.Google Scholar
  3. 3.
    H. Larochelle, Y. Bengio, J. Louradour, and P. Lamblin, “Exploring strategies for training deep neural networks,” Journal of machine learning research, vol. 10, no. Jan, pp. 1–40, 2009.Google Scholar
  4. 4.
    A. Javaid, Q. Niyaz, W. Sun, and M. Alam, “A deep learning approach for network intrusion detection system,” in Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies (formerly BIONETICS). ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering), 2016, pp. 21–26.Google Scholar
  5. 5.
    Y. Yu, J. Long, and Z. Cai, “Session-based network intrusion detection using a deep learning architecture,” in Modeling Decisions for Artificial Intelligence. Springer, 2017, pp. 144–155.Google Scholar
  6. 6.
    J. Kim, J. Kim, H. L. T. Thu, and H. Kim, “Long short term memory recurrent neural network classifier for intrusion detection,” in Platform Technology and Service (PlatCon), 2016 International Conference on. IEEE, 2016, pp. 1–5.Google Scholar
  7. 7.
    Y. LIU, S. LIU, and Y. WANG, “Route intrusion detection based on long short term memory recurrent neural network,” DEStech Transactions on Computer Science and Engineering, no. cii, 2017.Google Scholar
  8. 8.
    T. A. Tang, L. Mhamdi, D. McLernon, S. A. R. Zaidi, and M. Ghogho, “Deep learning approach for network intrusion detection in software defined networking,” in Wireless Networks and Mobile Communications (WINCOM), 2016 International Conference on. IEEE, 2016, pp. 258–263.Google Scholar
  9. 9.
    C. Yin, Y. Zhu, J. Fei, and X. He, “A deep learning approach for intrusion detection using recurrent neural networks,” IEEE Access, vol. 5, pp. 21 954–21 961, 2017.CrossRefGoogle Scholar
  10. 10.
    Z. Li, Z. Qin, K. Huang, X. Yang, and S. Ye, “Intrusion detection using convolutional neural networks for representation learning,” in International Conference on Neural Information Processing. Springer, 2017, pp. 858–866.Google Scholar
  11. 11.
    R. C. Staudemeyer, “Applying long short-term memory recurrent neural networks to intrusion detection,” South African Computer Journal, vol. 56, no. 1, pp. 136–154, 2015.Google Scholar
  12. 12.
    L. Bontemps, J. McDermott, N.-A. Le-Khac, et al., “Collective anomaly detection based on long short-term memory recurrent neural networks,” in International Conference on Future Data and Security Engineering. Springer, 2016, pp. 141–152.Google Scholar
  13. 13.
    M. K. Putchala, “Deep learning approach for intrusion detection system (ids) in the internet of things (iot) network using gated recurrent neural networks (gru),” Ph.D. dissertation, Wright State University, 2017.Google Scholar
  14. 14.
    P. K. Bediako, “Long short-term memory recurrent neural network for detecting DDoS flooding attacks within tensorflow implementation framework.” 2017.Google Scholar
  15. 15.
    A. Dimokranitou, “Adversarial autoencoders for anomalous event detection in images,” Ph.D. dissertation, Purdue University, 2017.Google Scholar
  16. 16.
    S.-G. Choi and S.-B. Cho, “Adaptive database intrusion detection using evolutionary reinforcement learning,” in International Joint Conference SOCO’17-CISIS’17-ICEUTE’17 León, Spain, September 6–8, 2017, Proceeding. Springer, 2017, pp. 547–556.Google Scholar
  17. 17.
    M. Feng and H. Xu, “Deep reinforecement learning based optimal defense for cyber-physical system in presence of unknown cyber-attack,” in Computational Intelligence (SSCI), 2017 IEEE Symposium Series on. IEEE, 2017, pp. 1–8.Google Scholar

Copyright information

© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd., part of Springer Nature 2018

Authors and Affiliations

  • Kwangjo Kim
    • 1
  • Muhamad Erza Aminanto
    • 1
  • Harry Chandra Tanuwidjaja
    • 1
  1. 1.School of Computing (SoC)Korea Advanced Institute of Science and TechnologyDaejeonKorea (Republic of)

Personalised recommendations