Unsupervised learning approach for network intrusion detection system using autoencoders

Hyunseung Choi, Mintae Kim, Gyubok Lee, Wooju Kim

Research output: Contribution to journalArticlepeer-review

91 Citations (Scopus)


Network intrusion detection systems are useful tools that support system administrators in detecting various types of intrusions and play an important role in monitoring and analyzing network traffic. In particular, anomaly detection-based network intrusion detection systems are widely used and are mainly implemented in two ways: (1) a supervised learning approach trained using labeled data and (2) an unsupervised learning approach trained using unlabeled data. Most studies related to intrusion detection systems focus on supervised learning. However, the process of acquiring labeled data is expensive, requiring manual labeling by network experts. Therefore, it is worthwhile investigating the development of unsupervised learning approaches for intrusion detection systems. In this study, we developed a network intrusion detection system using an unsupervised learning algorithm autoencoder and verified its performance. As our results show, our model achieved an accuracy of 91.70%, which outperforms previous studies that achieved 80% accuracy using cluster analysis algorithms. Our results provide a practical guideline for developing network intrusion detection systems based on autoencoders and significantly contribute to the exploration of unsupervised learning techniques for various network intrusion detection systems.

Original languageEnglish
Pages (from-to)5597-5621
Number of pages25
JournalJournal of Supercomputing
Issue number9
Publication statusPublished - 2019 Sept 1

Bibliographical note

Funding Information:
This research was supported by the project “Efficient Operation of LTE Device and IT infrastructure Assets Self-diagnosis Integrated Control System” of the Korea Evaluation Institute of Industrial Technology.

Publisher Copyright:
© 2019, Springer Science+Business Media, LLC, part of Springer Nature.

All Science Journal Classification (ASJC) codes

  • Software
  • Theoretical Computer Science
  • Information Systems
  • Hardware and Architecture


Dive into the research topics of 'Unsupervised learning approach for network intrusion detection system using autoencoders'. Together they form a unique fingerprint.

Cite this