Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

A Temporal Convolutional Network-based Approach for Network Intrusion Detection

Rukmini Nazre, Rujuta Budke, Omkar Oak, Suraj Sawant, Amit Joshi

TL;DR

This study addresses the challenge of multiclass network intrusion detection in edge IoT environments by introducing a Temporal Convolution Network (TCN) with residual blocks and dilated causal convolutions. The proposed architecture processes sequences in parallel, enabling efficient capture of long-range temporal dependencies, and culminates in a 15-class softmax classifier. On the Edge-IIoTset benchmark, the TCN outperforms 1D CNN and several CNN-based hybrid models, achieving 96.72% accuracy and 0.0668 loss, with particularly strong performance on underrepresented attacks such as SQL_injection and Uploading. The work demonstrates the potential of TCNs for robust, scalable intrusion detection in edge computing, while acknowledging limitations in generalizability and deployment in resource-constrained settings, and calls for broader dataset validation and real-time deployment studies.

Abstract

Network intrusion detection is critical for securing modern networks, yet the complexity of network traffic poses significant challenges to traditional methods. This study proposes a Temporal Convolutional Network(TCN) model featuring a residual block architecture with dilated convolutions to capture dependencies in network traffic data while ensuring training stability. The TCN's ability to process sequences in parallel enables faster, more accurate sequence modeling than Recurrent Neural Networks. Evaluated on the Edge-IIoTset dataset, which includes 15 classes with normal traffic and 14 cyberattack types, the proposed model achieved an accuracy of 96.72% and a loss of 0.0688, outperforming 1D CNN, CNN-LSTM, CNN-GRU, CNN-BiLSTM, and CNN-GRU-LSTM models. A class-wise classification report, encompassing metrics such as recall, precision, accuracy, and F1-score, demonstrated the TCN model's superior performance across varied attack categories, including Malware, Injection, and DDoS. These results underscore the model's potential in addressing the complexities of network intrusion detection effectively.

A Temporal Convolutional Network-based Approach for Network Intrusion Detection

TL;DR

This study addresses the challenge of multiclass network intrusion detection in edge IoT environments by introducing a Temporal Convolution Network (TCN) with residual blocks and dilated causal convolutions. The proposed architecture processes sequences in parallel, enabling efficient capture of long-range temporal dependencies, and culminates in a 15-class softmax classifier. On the Edge-IIoTset benchmark, the TCN outperforms 1D CNN and several CNN-based hybrid models, achieving 96.72% accuracy and 0.0668 loss, with particularly strong performance on underrepresented attacks such as SQL_injection and Uploading. The work demonstrates the potential of TCNs for robust, scalable intrusion detection in edge computing, while acknowledging limitations in generalizability and deployment in resource-constrained settings, and calls for broader dataset validation and real-time deployment studies.

Abstract

Network intrusion detection is critical for securing modern networks, yet the complexity of network traffic poses significant challenges to traditional methods. This study proposes a Temporal Convolutional Network(TCN) model featuring a residual block architecture with dilated convolutions to capture dependencies in network traffic data while ensuring training stability. The TCN's ability to process sequences in parallel enables faster, more accurate sequence modeling than Recurrent Neural Networks. Evaluated on the Edge-IIoTset dataset, which includes 15 classes with normal traffic and 14 cyberattack types, the proposed model achieved an accuracy of 96.72% and a loss of 0.0688, outperforming 1D CNN, CNN-LSTM, CNN-GRU, CNN-BiLSTM, and CNN-GRU-LSTM models. A class-wise classification report, encompassing metrics such as recall, precision, accuracy, and F1-score, demonstrated the TCN model's superior performance across varied attack categories, including Malware, Injection, and DDoS. These results underscore the model's potential in addressing the complexities of network intrusion detection effectively.

Paper Structure

This paper contains 20 sections, 5 equations, 2 figures, 9 tables.

Table of Contents

  1. Introduction
  2. Related Works
  3. Proposed Method
  4. Prediction models
  5. One-directional CNN
  6. Hybrid CNN
  7. Proposed Model
  8. Dataset
  9. Data Preprocessing
  10. Encoding and Size Reduction
  11. Feature Scaling
  12. Output Classes
  13. Results and Discussion
  14. Experimental Setup
  15. Evaluation Measures
  16. ...and 5 more sections

Figures (2)

  • Figure 1: Architecture of the Proposed Model
  • Figure 2: Confusion Matrix for the Proposed Model