Computer networks
Ruslan Minnikhanov, 2018-06-23 13:40:28

How to write a neural network that will determine if there has been an attack on the network?

There is a KDD cup99 database with normalized data (0, 1). How, and with what, can a neural network be written that will determine whether there has been an attack on the network?


4 answer(s)
Vladimir Proskurin, 2018-06-23
@Vlad_IT

Do not get hung up on neural networks; there are equally cool algorithms. For example, gradient boosting: at one time, for a thesis work on determining the cost of housing according to its parameters, it showed me the best results, although it all depends on the initial data and their processing. Here is an excellent lib for Python: https://github.com/Microsoft/LightGBM. There is also scikit-learn, but the first one can work with a GPU, while the second one couldn't a couple of years ago (I don't know about now).
My task was regression; in your case it is classification, but you can also use regression, i.e. receive an answer not as 0 (no) and 1 (yes) but as a percentage: the higher it is, the more it looks like an attack. It seems to me that this will make it clearer to study the data. Although if you don't have clear answers in these data on whether there was an attack for the current X, then you need to use clustering algorithms (so that the algorithm itself determines this without knowing the answers for any data). Clustering algorithms are also in scikit-learn.

Roman Mirilaczvili, 2018-06-23
@2ord

We must first determine the set of input features in the range 0..1, on which the decision will be made.
The feature set is a vector.
It is impossible to do without criteria that determine what goes beyond the norm.
You can use the Bayesian decision model.
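
An added example, not part of the answer above: one simple Bayesian decision rule (Gaussian naive Bayes plus a cost-weighted alert threshold) over a feature vector scaled to 0..1. The three feature names are real KDD Cup 99 columns; the records, the class profiles and the cost values are constructed assumptions.

```python
import math
import random

# Order of the feature vector: three real KDD Cup 99 columns. All values are constructed.
FEATURES = ("count", "serror_rate", "same_srv_rate")
# Assumed (mean, stddev) per feature: 0 = normal traffic, 1 = SYN-flood-like.
PROFILES = {0: ((0.05, 0.03), (0.02, 0.02), (0.90, 0.08)),
            1: ((0.60, 0.15), (0.95, 0.05), (0.10, 0.08))}

def make_records(n, seed=0):
    """Constructed labelled records, clipped to the 0..1 range."""
    rng = random.Random(seed)
    rows, labels = [], []
    for _ in range(n):
        y = 1 if rng.random() < 0.3 else 0
        rows.append([min(1.0, max(0.0, rng.gauss(m, s))) for m, s in PROFILES[y]])
        labels.append(y)
    return rows, labels

def fit(rows, labels, var_floor=1e-4):
    """Per class: log prior, per-feature mean and variance (floored)."""
    model = {}
    for c in set(labels):
        xs = [r for r, y in zip(rows, labels) if y == c]
        means = [sum(col) / len(xs) for col in zip(*xs)]
        varis = [max(var_floor, sum((v - m) ** 2 for v in col) / len(xs))
                 for col, m in zip(zip(*xs), means)]
        model[c] = (math.log(len(xs) / len(rows)), means, varis)
    return model

def attack_probability(model, x):
    """Posterior P(attack | x) by Bayes' rule, computed in log space."""
    logp = {c: lp + sum(-0.5 * math.log(2 * math.pi * s) - (v - m) ** 2 / (2 * s)
                        for v, m, s in zip(x, means, varis))
            for c, (lp, means, varis) in model.items()}
    top = max(logp.values())
    return math.exp(logp[1] - top) / sum(math.exp(v - top) for v in logp.values())

def is_attack(model, x, cost_miss=5.0, cost_false_alarm=1.0):
    """Alert when the expected cost of staying silent exceeds that of alerting."""
    p = attack_probability(model, x)
    return p * cost_miss > (1 - p) * cost_false_alarm

if __name__ == "__main__":
    model = fit(*make_records(400, seed=0))
    test_x, test_y = make_records(200, seed=1)
    hits = sum(is_attack(model, x) == bool(y) for x, y in zip(test_x, test_y))
    print(f"held-out accuracy: {hits / len(test_y):.3f}")
    print(f"P(attack) for a flood-like record: {attack_probability(model, [0.7, 1.0, 0.05]):.3f}")
```

Raising `cost_miss` relative to `cost_false_alarm` lowers the posterior needed to alert, which is where the criterion for "beyond the norm" is set.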

Stanislav Bodrov, 2018-06-23
@jenki

There are a lot of attack vectors on the network, as well as attack methods. Their combination (multiplication) will give a fairly large number. Therefore, it is necessary to single out the most critical attacks and work on them.

dmshar, 2018-06-23
@dmshar

As already mentioned here, the neural network is very far sideways here. There are several dozen (!!!) methods that, based on information about the state of the network or traffic, can recognize whether there was an attack or not, some can also recognize a specific type of attack. Both on the KDD cup99 data and on other ways of describing the state of information security objects. The topic is not new and well studied. There are also articles and books and even textbooks on this subject. If you at least tell me why you need it (for educational purposes in information security, for educational purposes in ML, for educational purposes in neurons, as a bachelor's work, as a master's, as a scientific task, as a task assigned to you as a system administrator, you know English, or as usual "with a dictionary" :-), - then something more directed can be advised. And so I looked - well, I have about 200 articles-books on the topic "Using ML to detect attacks" on my disk, and about 100 more in Chrome bookmarks. And this is generally not the limit and not all that can be found on the net. Which of them are by your standards, and which ones are too tough, or vice versa, too trivial?
Describe yourself - you can choose. And so...
PS By the way, as the name suggests, KDD cup99 is a database built BEFORE 1999. To do something really relevant based on data from twenty years ago is somehow a little doubtful.
