The Role of CNN for Intrusion Detection Systems: An Improved CNN Learning Approach for SDNs

An intrusion detection system (IDS) is an essential component of computer networks to detect and secure the system and environment from malicious activities and anomalous attacks. The convolutional neural network (CNN) is a popular deep learning algorithm that has been broadly applied in the field of computer vision. More recently, several researchers attempted to apply CNN for IDSs. However, the majority of these ignore the influence of the overfitting problem with the implementation of deep learning algorithms, which can impact the robustness of CNN-based anomaly detection systems. In this paper, we investigate the use of CNN for IDSs and propose a technique to enhance its performance by using two popular regularization techniques to address the overfitting problem. Our technique improves the capability of IDSs in detection of unseen intrusion events. We use InSDN benchmark dataset to train and evaluate the performance of our technique. The experimental results demonstrate that the regularization methods can improve the performance of CNN-based anomaly detection models for the software-defined networking (SDN) environment.