Using EBGAN for Anomaly Intrusion Detection
- URL: http://arxiv.org/abs/2206.10400v1
- Date: Tue, 21 Jun 2022 13:49:34 GMT
- Title: Using EBGAN for Anomaly Intrusion Detection
- Authors: Yi Cui, Wenfeng Shen, Jian Zhang, Weijia Lu, Chuang Liu, Lin Sun, Si Chen
- Abstract summary: We propose an EBGAN-based intrusion detection method, IDS-EBGAN, that classifies network records as normal traffic or malicious traffic.
The generator in IDS-EBGAN is responsible for converting the original malicious network traffic in the training set into adversarial malicious examples.
During testing, IDS-EBGAN uses reconstruction error of discriminator to classify traffic records.
- Score: 13.155954231596434
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: As an active network security protection scheme, intrusion detection system
(IDS) undertakes the important responsibility of detecting network attacks in
the form of malicious network traffic. Intrusion detection technology is an
important part of IDS. At present, many scholars have carried out extensive
research on intrusion detection technology. However, developing an efficient
intrusion detection method for massive network traffic data is still difficult.
Since Generative Adversarial Networks (GANs) have powerful modeling
capabilities for complex high-dimensional data, they provide new ideas for
addressing this problem. In this paper, we put forward an EBGAN-based intrusion
detection method, IDS-EBGAN, that classifies network records as normal traffic
or malicious traffic. The generator in IDS-EBGAN is responsible for converting
the original malicious network traffic in the training set into adversarial
malicious examples. This is because we want to use adversarial learning to
improve the ability of discriminator to detect malicious traffic. At the same
time, the discriminator adopts Autoencoder model. During testing, IDS-EBGAN
uses reconstruction error of discriminator to classify traffic records.
Related papers
- A Transformer-Based Framework for Payload Malware Detection and Classification [0.0]
Techniques such as Deep Packet Inspection (DPI) have been introduced to allow IDSs to analyze the content of network packets.
In this paper, we propose a revolutionary DPI algorithm based on transformers adapted for the purpose of detecting malicious traffic.
arXiv Detail & Related papers (2024-03-27T03:25:45Z)
- Improving Transferability of Network Intrusion Detection in a Federated Learning Setup [11.98319841778396]
Network Intrusion Detection Systems (IDS) aim to detect the presence of an intruder by analyzing network packets arriving at an internet connected device.
Deep learning systems, popular due to their superior performance compared to traditional IDS, depend on availability of high quality training data for diverse intrusion classes.
We propose two techniques to significantly improve the transferability of a federated intrusion detection system.
arXiv Detail & Related papers (2024-01-07T17:52:41Z)
- Multi-Agent Reinforcement Learning for Assessing False-Data Injection Attacks on Transportation Networks [27.89472896063777]
We introduce a computational framework to find worst-case data-injection attacks against transportation networks.
First, we devise an adversarial model with a threat actor who can manipulate drivers by increasing the travel times that they perceive on certain roads.
Then, we employ hierarchical multi-agent reinforcement learning to find an approximate adversarial strategy for data manipulation.
arXiv Detail & Related papers (2023-12-22T11:48:13Z)
- Efficient Federated Learning with Spike Neural Networks for Traffic Sign Recognition [70.306089187104]
We introduce powerful Spike Neural Networks (SNNs) into traffic sign recognition for energy-efficient and fast model training.
Numerical results indicate that the proposed federated SNN outperforms traditional federated convolutional neural networks in terms of accuracy, noise immunity, and energy efficiency as well.
arXiv Detail & Related papers (2022-05-28T03:11:48Z)
- CANShield: Signal-based Intrusion Detection for Controller Area Networks [29.03951113836835]
We propose CANShield, a signal-based intrusion detection framework for the CAN bus.
CANShield consists of three modules: a data preprocessing module that handles the high-dimensional CAN data stream at the signal level; a data analyzer module consisting of multiple deep autoencoder networks, each analyzing the time-series data from a different temporal perspective; and an attack detection module that uses an ensemble method to make the final decision.
arXiv Detail & Related papers (2022-05-03T04:52:44Z)
- AVTPnet: Convolutional Autoencoder for AVTP anomaly detection in Automotive Ethernet Networks [2.415997479508991]
In this paper, we propose a convolutional autoencoder (CAE) for offline detection of anomalies on the Audio Video Transport Protocol (AVTP).
Our proposed approach is evaluated on the recently published "Automotive Ethernet Intrusion dataset".
arXiv Detail & Related papers (2022-01-31T19:13:20Z)
- TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack [46.79557381882643]
We present TANTRA, a novel end-to-end Timing-based Adversarial Network Traffic Reshaping Attack.
Our evasion attack utilizes a long short-term memory (LSTM) deep neural network (DNN) which is trained to learn the time differences between the target network's benign packets.
TANTRA achieves an average success rate of 99.99% in network intrusion detection system evasion.
arXiv Detail & Related papers (2021-03-10T19:03:38Z)
- Cassandra: Detecting Trojaned Networks from Adversarial Perturbations [92.43879594465422]
In many cases, pre-trained models are sourced from vendors who may have disrupted the training pipeline to insert Trojan behaviors into the models.
We propose a method to verify if a pre-trained model is Trojaned or benign.
Our method captures fingerprints of neural networks in the form of adversarial perturbations learned from the network gradients.
arXiv Detail & Related papers (2020-07-28T19:00:40Z)
- Machine Learning based Anomaly Detection for 5G Networks [0.0]
This paper proposes SDS (Software Defined Security) as a means to provide an automated, flexible and scalable network defence system.
SDS will harness current advances in machine learning to design a CNN (Convolutional Neural Network) using NAS (Neural Architecture Search) to detect anomalous network traffic.
arXiv Detail & Related papers (2020-03-07T00:17:08Z)
- Anomaly Detection by One Class Latent Regularized Networks [36.67420338535258]
Semi-supervised Generative Adversarial Networks (GAN)-based methods have been gaining popularity in anomaly detection task recently.
A novel adversarial dual autoencoder network is proposed, in which the underlying structure of training data is captured in latent feature space.
Experiments show that our model achieves the state-of-the-art results on MNIST and CIFAR10 datasets as well as GTSRB stop signs dataset.
arXiv Detail & Related papers (2020-02-05T02:21:52Z)