CNN- based intrusion detection software for network operating system environment

Cybersecurity represents an important challenge specific to digital technology in the modern world, and is of vital importance for reducing or even preventing the impact of cybercrime. The Linux operating system is designed as open-source software that includes some features of software tools intended for network security and cybersecurity systems, such as intruder detection and penetration testing. With these tools in Linux, we need a special system to constantly detect intrusions into connected network devices. This research presents a method for detecting intrusion attacks based on analyzing the natural behavior of the system by building a special convolutional network to achieve this goal. The classification and detection results of the proposed convolutional neural network were compared with the regular machine learning method (SVM), with feature selection by correlation for both methods.  Same datasets were used to train and test each of CNN and SVM. Some metrics were determined to evaluate the performance of classification and prediction models for a specific type of regular attacks, DoS and BOT attacks, where both SVM and CNN obtained an accuracy of 85.58% and 95.59%, respectively.