DRL-GAN: A Hybrid Approach for Binary and Multiclass Network Intrusion Detection

• URL: http://arxiv.org/abs/2301.03368v1
• Date: Thu, 5 Jan 2023 19:51:24 GMT
• Title: DRL-GAN: A Hybrid Approach for Binary and Multiclass Network Intrusion Detection
• Authors: Caroline Strickland, Chandrika Saha, Muhammad Zakar, Sareh Nejad, Noshin Tasnim, Daniel Lizotte, Anwar Haque
• Abstract summary: Intrusion detection systems (IDS) are an essential security technology for detecting these attacks. We implement a novel hybrid technique using synthetic data produced by a Generative Adversarial Network (GAN) to use as input for training a Deep Reinforcement Learning (DRL) model. Our findings demonstrate that training the DRL on specific synthetic datasets can result in better performance in correctly classifying minority classes over training on the true imbalanced dataset.
• Score: 2.7122540465034106
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Our increasingly connected world continues to face an ever-growing amount of network-based attacks. Intrusion detection systems (IDS) are an essential security technology for detecting these attacks. Although numerous machine learning-based IDS have been proposed for the detection of malicious network traffic, the majority have difficulty properly detecting and classifying the more uncommon attack types. In this paper, we implement a novel hybrid technique using synthetic data produced by a Generative Adversarial Network (GAN) to use as input for training a Deep Reinforcement Learning (DRL) model. Our GAN model is trained with the NSL-KDD dataset for four attack categories as well as normal network flow. Ultimately, our findings demonstrate that training the DRL on specific synthetic datasets can result in better performance in correctly classifying minority classes over training on the true imbalanced dataset.

Related papers

• A Survey for Deep Reinforcement Learning Based Network Intrusion Detection [3.493620624883548]
  This paper explores the potential and challenges of using deep reinforcement learning (DRL) in network intrusion detection. The performance of DRL models is analyzed, showing that while DRL holds promise, many recent technologies remain underexplored. The paper concludes with recommendations for enhancing DRL deployment and testing in real-world network scenarios.
  arXiv  Detail & Related papers  (2024-09-25T13:39:30Z)
• usfAD Based Effective Unknown Attack Detection Focused IDS Framework [3.560574387648533]
  Internet of Things (IoT) and Industrial Internet of Things (IIoT) have led to an increasing range of cyber threats. For more than a decade, researchers have delved into supervised machine learning techniques to develop Intrusion Detection System (IDS) IDS trained and tested on known datasets fails in detecting zero-day or unknown attacks. We propose two strategies for semi-supervised learning based IDS where training samples of attacks are not required.
  arXiv  Detail & Related papers  (2024-03-17T11:49:57Z)
• On the Cross-Dataset Generalization of Machine Learning for Network Intrusion Detection [50.38534263407915]
  Network Intrusion Detection Systems (NIDS) are a fundamental tool in cybersecurity. Their ability to generalize across diverse networks is a critical factor in their effectiveness and a prerequisite for real-world applications. In this study, we conduct a comprehensive analysis on the generalization of machine-learning-based NIDS through an extensive experimentation in a cross-dataset framework.
  arXiv  Detail & Related papers  (2024-02-15T14:39:58Z)
• ADASR: An Adversarial Auto-Augmentation Framework for Hyperspectral and Multispectral Data Fusion [54.668445421149364]
  Deep learning-based hyperspectral image (HSI) super-resolution aims to generate high spatial resolution HSI (HR-HSI) by fusing hyperspectral image (HSI) and multispectral image (MSI) with deep neural networks (DNNs) In this letter, we propose a novel adversarial automatic data augmentation framework ADASR that automatically optimize and augments HSI-MSI sample pairs to enrich data diversity for HSI-MSI fusion.
  arXiv  Detail & Related papers  (2023-10-11T07:30:37Z)
• Multi-class Network Intrusion Detection with Class Imbalance via LSTM & SMOTE [1.0591656257413806]
  This paper proposes to use oversampling techniques along with appropriate loss functions to handle class imbalance for the detection of various types of network intrusions. Our deep learning model employs LSTM with fully connected layers to perform multi-class classification of network attacks.
  arXiv  Detail & Related papers  (2023-10-03T07:28:04Z)
• Adversarial training with informed data selection [53.19381941131439]
  Adrial training is the most efficient solution to defend the network against these malicious attacks. This work proposes a data selection strategy to be applied in the mini-batch training. The simulation results show that a good compromise can be obtained regarding robustness and standard accuracy.
  arXiv  Detail & Related papers  (2023-01-07T12:09:50Z)
• Downlink Power Allocation in Massive MIMO via Deep Learning: Adversarial Attacks and Training [62.77129284830945]
  This paper considers a regression problem in a wireless setting and shows that adversarial attacks can break the DL-based approach. We also analyze the effectiveness of adversarial training as a defensive technique in adversarial settings and show that the robustness of DL-based wireless system against attacks improves significantly.
  arXiv  Detail & Related papers  (2022-06-14T04:55:11Z)
• Distributed Adversarial Training to Robustify Deep Neural Networks at Scale [100.19539096465101]
  Current deep neural networks (DNNs) are vulnerable to adversarial attacks, where adversarial perturbations to the inputs can change or manipulate classification. To defend against such attacks, an effective approach, known as adversarial training (AT), has been shown to mitigate robust training. We propose a large-batch adversarial training framework implemented over multiple machines.
  arXiv  Detail & Related papers  (2022-06-13T15:39:43Z)
• NetSentry: A Deep Learning Approach to Detecting Incipient Large-scale Network Attacks [9.194664029847019]
  We show how to use Machine Learning for Network Intrusion Detection (NID) in a principled way. We propose NetSentry, perhaps the first of its kind NIDS that builds on Bi-ALSTM, an original ensemble of sequential neural models. We demonstrate F1 score gains above 33% over the state-of-the-art, as well as up to 3 times higher rates of detecting attacks such as XSS and web bruteforce.
  arXiv  Detail & Related papers  (2022-02-20T17:41:02Z)
• Learning to Detect: A Data-driven Approach for Network Intrusion Detection [17.288512506016612]
  We perform a comprehensive study on NSL-KDD, a network traffic dataset, by visualizing patterns and employing different learning-based models to detect cyber attacks. Unlike previous shallow learning and deep learning models that use the single learning model approach for intrusion detection, we adopt a hierarchy strategy. We demonstrate the advantage of the unsupervised representation learning model in binary intrusion detection tasks.
  arXiv  Detail & Related papers  (2021-08-18T21:19:26Z)
• Adversarial Attacks on Deep Learning Based Power Allocation in a Massive MIMO Network [62.77129284830945]
  We show that adversarial attacks can break DL-based power allocation in the downlink of a massive multiple-input-multiple-output (maMIMO) network. We benchmark the performance of these attacks and show that with a small perturbation in the input of the neural network (NN), the white-box attacks can result in infeasible solutions up to 86%.
  arXiv  Detail & Related papers  (2021-01-28T16:18:19Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.