The Network-Based Intrusion Detection System Based on Packet Sequence Image Representation and the Vision Transformer Model

With the continuous emergence of new network attacks, network-based intrusion detection systems (NIDS) have become an indispensable protection mechanism in network security. To enhance the accuracy and real-time performance of intrusion detection, a NIDS based on packet sequence representation and the deep learning model is proposed. Firstly, packet headers and payload data are analyzed using a packet parsing algorithm to effectively extract packet sequence features. Subsequently, an image construction algorithm encodes the temporal relationships within the feature set of packets, creating RGB images for the forward and backward features of the same flow. Finally, an intrusion detection model based on ViT is developed to perform intrusion detection based on image classification results, and the layered focal loss function is employed within the ViT model to improve classification performance and address data imbalance issues. Experimental results on public NIDS datasets demonstrate that the proposed system significantly enhances intrusion detection performance compared to existing NIDS, achieving a high detection rate of 97.7% to 99% across different attack types. Given the increasing complexity and diversity of current network intrusions, the proposed method will contribute to improved network security.