Most intrusion detection methods for computer networks are based on traffic flow characteristics. However, this approach may not fully exploit the potential of deep learning algorithms to extract features and patterns directly from raw packets. Moreover, it impedes real-time monitoring, because detection must wait for the flow-processing pipeline to complete, and it introduces dependencies on additional software components. In this paper, we investigate deep learning methodologies capable of detecting attacks in real time directly from raw packet data within network traffic. We propose a novel approach where packets are stacked into windows and separately recognised, with a 2D image representation suitable for processing with computer vision models. Our investigation utilizes the CIC IDS-2017 dataset, which includes both benign traffic and prevalent real-world attacks, providing a comprehensive foundation for our research.
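The following sketch is an added illustration of the packet-window representation described above, not code from the paper: each raw packet becomes one fixed-width row, and consecutive packets are stacked into a 2D array that a vision model could consume. The row width, window height, stride, zero padding and byte scaling are assumptions, since the abstract does not specify them, and the sample packets are constructed.

```python
from typing import Iterable, Iterator, List

ROW_BYTES = 64       # assumed: bytes kept per packet (image width)
WINDOW_PACKETS = 4   # assumed: packets stacked per image (image height)
STRIDE = 2           # assumed: packets dropped between consecutive windows

Image = List[List[float]]


def packet_to_row(packet: bytes, width: int = ROW_BYTES) -> List[float]:
    """Truncate or zero-pad one raw packet to `width` bytes, scaled to [0, 1]."""
    clipped = packet[:width].ljust(width, b"\x00")
    return [b / 255.0 for b in clipped]


def packet_windows(packets: Iterable[bytes],
                   height: int = WINDOW_PACKETS,
                   width: int = ROW_BYTES,
                   stride: int = STRIDE) -> Iterator[Image]:
    """Yield a height x width image as soon as `height` packets are buffered.

    Works on a live stream: nothing waits for a flow to terminate, which is
    the real-time property the abstract contrasts with flow-based features.
    """
    if not 1 <= stride <= height:
        raise ValueError("stride must be between 1 and the window height")
    buf: List[List[float]] = []
    for pkt in packets:
        buf.append(packet_to_row(pkt, width))
        if len(buf) == height:
            yield [row[:] for row in buf]   # copy so later edits cannot alias
            del buf[:stride]                # slide the window forward


def build_images(packets: Iterable[bytes]) -> List[Image]:
    """Collect all complete windows; a trailing partial window is discarded."""
    return list(packet_windows(packets))


# Constructed sample: seven fake "packets" of varying length, each filled
# with a single byte value (1..7) so rows are easy to tell apart.
SAMPLE_PACKETS = [bytes([i]) * n
                  for i, n in enumerate([40, 80, 64, 10, 70, 64, 33], start=1)]

if __name__ == "__main__":
    for idx, img in enumerate(build_images(SAMPLE_PACKETS)):
        print(f"window {idx}: {len(img)}x{len(img[0])}, "
              f"first bytes per row = {[round(r[0] * 255) for r in img]}")
```

Each yielded image would be classified on its own; the classifier itself is outside the scope of this sketch.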