首页|FlowGANAnomaly:Flow-Based Anomaly Network Intrusion Detection with Adversarial Learning

FlowGANAnomaly:Flow-Based Anomaly Network Intrusion Detection with Adversarial Learning

扫码查看
原文链接
  • 万方数据
In recent years,low recall rates and high dependencies on data labelling have become the biggest ob-stacle to developing deep anomaly detection(DAD)techniques.Inspired by the success of generative adversarial net-works(GANs)in detecting anomalies in computer vision and imaging,we propose an anomaly detection model called FlowGANAnomaly for detecting anomalous traffic in network intrusion detection systems(NIDS).Unlike traditional GAN-based approaches,which are composed of a flow encoder,a convolutional encoder-decoder-encoder,a flow de-coder and a convolutional encoder,the architecture of this model consists of a generator(G)and a discriminator(D).FlowGANAnomaly maps the different types of traffic feature data from separate datasets to a uniform feature space,thus can capture the normality of network traffic data more accurately in an adversarial manner to mitigate the problem of the high dependence on data labeling.Moreover,instead of simply detecting the anomalies by the output of D,we proposed a new anomaly scoring method that integrates the deviation between the output of two Gs'convo-lutional encoders with the output of D as weighted scores to improve the low recall rate of anomaly detection.We conducted several experiments comparing existing machine learning algorithms and existing deep learning methods(AutoEncoder and VAE)on four public datasets(NSL-KDD,CIC-IDS2017,CIC-DDoS2019,and UNSW-NB15).The evaluation results show that FlowGANAnomaly can significantly improve the performance of anomaly-based NIDS.

Anomaly detectionUnsupervised learningGenerative adversarial networkIntrusion detection system

Zeyi LI、Pan WANG、Zixuan WANG

展开 >

School of Computer Science,Nanjing University of Posts and Telecommunications,Nanjing 210003,China

School of Modern Posts,Nanjing University of Posts and Telecommunications,Nanjing 210003,China

School of Internet of Things,Nanjing University of Posts and Telecommunications,Nanjing 210003,China

National Natural Science FoundationNational Key Research and Development ProjectFuture Network Innovation Research and Application Projects

619722112020 YFB18047002021FNA02006

2024

10.23919/cje.2022.00.173

电子学报(英文)

电子学报(英文)

CSTPCDEI
ISSN:1022-4653
年,卷(期):2024.33(1)
  • 41