Skip to content

Dev-31/Intrusion-Detection-System-for-DDoS-Attack-using-Deep-Learning

BranchesTags

Repository files navigation

Intrusion Detection System for DDoS Attacks Using Deep Learning

This project focuses on building a Deep Learning-based Intrusion Detection System (IDS) to detect and classify DDoS (Distributed Denial-of-Service) attacks using the UNSW-NB15 dataset.
The main goal is to improve detection accuracy and reduce false positives by applying different deep learning models and data balancing techniques.

Project Overview

The IDS analyzes network traffic to identify potential DDoS attacks.
Models such as CNN, RNN, and LSTM were trained, and dataset imbalance was handled using SMOTE and ADASYN to improve performance.

Methodology

Deep Learning Models

  • CNN (Convolutional Neural Network): Captures spatial patterns in traffic data.
  • RNN (Recurrent Neural Network): Learns temporal dependencies across sequences.
  • LSTM (Long Short-Term Memory): Improves detection on time-series data.

Balancing Techniques

  • SMOTE: Generates synthetic samples to balance class distribution.
  • ADASYN: Focuses on more complex samples to enhance model learning.

Dataset

  • UNSW-NB15 Dataset: A benchmark dataset for network intrusion detection.

Results

Model Balancing Technique Accuracy
CNN ADASYN 74.29%
RNN ADASYN 74.00%
LSTM Random Oversampling (Other Dataset) 96.97%
XGBoost Random Oversampling (Other Dataset) 99.94%
Logistic Regression Random Oversampling (Other Dataset) 94.05%
Decision Tree Random Oversampling (Other Dataset) 100%
Random Forest Random Oversampling (Other Dataset) 100%

The models using ADASYN with CNN and RNN gave the most balanced and reliable performance on the UNSW dataset.
These results show that adaptive sampling techniques combined with deep learning can effectively improve DDoS detection accuracy.

Key Learnings

  • Balancing imbalanced datasets improves overall detection reliability.
  • ADASYN performs better than standard oversampling in most cases.
  • CNN and RNN models effectively capture both spatial and temporal patterns in traffic data.

Tech Stack

  • Language: Python
  • Libraries: TensorFlow/Keras, Scikit-learn, NumPy, Pandas, Matplotlib
  • Dataset: UNSW-NB15

Future Scope

  • Implement real-time attack detection.
  • Combine CNN and LSTM for hybrid modeling.
  • Add explainable AI (XAI) techniques for model interpretability.
  • Develop a dashboard for live monitoring and analytics.

Author

Dev Sopariwala

About

A Deep Learning–based Intrusion Detection System to detect and classify DDoS attacks using the UNSW-NB15 dataset. Implemented models like CNN, RNN, and LSTM, applying SMOTE and ADASYN techniques for dataset balancing, achieving improved detection accuracy and reduced false positives.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages