A review on Deep Neural Network for Computer Network Traffic Classification

TL;DR

This paper surveys Deep Neural Network–based methods for classifying computer network traffic into normal and various attack categories (Normal, DoS, R2L, U2R, Probing) to bolster intrusion detection and prevention. It covers a spectrum of architectures—from feed-forward nets and CNNs to RNNs and SOM hybrids—applied to datasets such as NSL-KDD, KDD Cup 1999, CAN, and USTC-TFC2016, detailing architectures and performance. The findings show high reported accuracies, frequently surpassing 90% and in some cases approaching 100% on specific datasets, illustrating the potential of DNNs for rapid and robust traffic classification. However, the results are dataset-dependent and constrained by training overhead and potential data biases, indicating that practical deployment requires careful dataset selection, model tuning, and efficiency considerations for real-world IDS/IPS integration.

Abstract

Focus on Deep Neural Network based malicious and normal computer Network Traffic classification. (such as attacks, phishing, any other illegal activity and normal traffic identification). In this paper, the main idea is to review, existed Neural Network based network traffic classification. Which indicates intrusion activity classification and detection. It is very important to classify network traffic to safeguard any system, connected to computer network. There are a variety of NN architecture for it, with different rate of accuracy. On this paper we will do relative compression among them. Index Terms-Computer Network, Network traffic, Packet, Intrusion, DOS (Denial-of-service), unauthorized access, IDS (Intrusion Detection System), IPS (Intrusion Prevention Systems), R2L (Remote to Local Attack), Probing, U2R (User to Root Attack), DNN (Deep Neural Network), CRNN (Convolutional Recurrent Neural Network), RPROP (Resilient propagation).