Comparative Evaluation of VAEs, VAE-GANs and AAEs for Anomaly Detection in Network Intrusion Data
With cyberattacks growing in frequency and sophistication, effective anomaly detection is critical for securing networks and systems. This study provides a comparative evaluation of deep generative models for detecting anomalies in network intrusion data. The key objective is to determine the most...
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Politeknik Elektronika Negeri Surabaya
2023-12-01
|
| Series: | Emitter: International Journal of Engineering Technology |
| Subjects: | |
| Online Access: | https://emitter.pens.ac.id/index.php/emitter/article/view/817 |
| _version_ | 1827383594974183424 |
|---|---|
| author | Mahmoud Mohamed |
| author_facet | Mahmoud Mohamed |
| author_sort | Mahmoud Mohamed |
| collection | DOAJ |
| description |
With cyberattacks growing in frequency and sophistication, effective anomaly detection is critical for securing networks and systems. This study provides a comparative evaluation of deep generative models for detecting anomalies in network intrusion data. The key objective is to determine the most accurate model architecture. Variational autoencoders (VAEs), VAE-GANs, and adversarial autoencoders (AAEs) are tested on the NSL-KDD dataset containing normal traffic and different attack types. Results show that AAEs significantly outperform VAEs and VAE-GANs, achieving AUC scores up to 0.96 and F1 scores of 0.76 on novel attacks. The adversarial regularization of AAEs enables superior generalization capabilities compared to standard VAEs. VAE-GANs exhibit better accuracy than VAEs, demonstrating the benefits of adversarial training. However, VAE-GANs have higher computational requirements. The findings provide strong evidence that AAEs are the most effective deep anomaly detection technique for intrusion detection systems. This study delivers novel insights into optimizing deep learning architectures for cyber defense. The comparative evaluation methodology and results will aid researchers and practitioners in selecting appropriate models for operational network security.
|
| first_indexed | 2024-03-08T14:43:00Z |
| format | Article |
| id | doaj.art-7675474959fa45ac91c3804a4d288a6c |
| institution | Directory Open Access Journal |
| issn | 2355-391X 2443-1168 |
| language | English |
| last_indexed | 2024-03-08T14:43:00Z |
| publishDate | 2023-12-01 |
| publisher | Politeknik Elektronika Negeri Surabaya |
| record_format | Article |
| series | Emitter: International Journal of Engineering Technology |
| spelling | doaj.art-7675474959fa45ac91c3804a4d288a6c2024-01-11T15:40:39ZengPoliteknik Elektronika Negeri SurabayaEmitter: International Journal of Engineering Technology2355-391X2443-11682023-12-0111210.24003/emitter.v11i2.817Comparative Evaluation of VAEs, VAE-GANs and AAEs for Anomaly Detection in Network Intrusion DataMahmoud Mohamed0MR With cyberattacks growing in frequency and sophistication, effective anomaly detection is critical for securing networks and systems. This study provides a comparative evaluation of deep generative models for detecting anomalies in network intrusion data. The key objective is to determine the most accurate model architecture. Variational autoencoders (VAEs), VAE-GANs, and adversarial autoencoders (AAEs) are tested on the NSL-KDD dataset containing normal traffic and different attack types. Results show that AAEs significantly outperform VAEs and VAE-GANs, achieving AUC scores up to 0.96 and F1 scores of 0.76 on novel attacks. The adversarial regularization of AAEs enables superior generalization capabilities compared to standard VAEs. VAE-GANs exhibit better accuracy than VAEs, demonstrating the benefits of adversarial training. However, VAE-GANs have higher computational requirements. The findings provide strong evidence that AAEs are the most effective deep anomaly detection technique for intrusion detection systems. This study delivers novel insights into optimizing deep learning architectures for cyber defense. The comparative evaluation methodology and results will aid researchers and practitioners in selecting appropriate models for operational network security. https://emitter.pens.ac.id/index.php/emitter/article/view/817Variational autoencoders (VAEs)Adversarial autoencoders (AAEs)Variational autoencoder GANs (VAE-GANs)Anomaly detection |
| spellingShingle | Mahmoud Mohamed Comparative Evaluation of VAEs, VAE-GANs and AAEs for Anomaly Detection in Network Intrusion Data Emitter: International Journal of Engineering Technology Variational autoencoders (VAEs) Adversarial autoencoders (AAEs) Variational autoencoder GANs (VAE-GANs) Anomaly detection |
| title | Comparative Evaluation of VAEs, VAE-GANs and AAEs for Anomaly Detection in Network Intrusion Data |
| title_full | Comparative Evaluation of VAEs, VAE-GANs and AAEs for Anomaly Detection in Network Intrusion Data |
| title_fullStr | Comparative Evaluation of VAEs, VAE-GANs and AAEs for Anomaly Detection in Network Intrusion Data |
| title_full_unstemmed | Comparative Evaluation of VAEs, VAE-GANs and AAEs for Anomaly Detection in Network Intrusion Data |
| title_short | Comparative Evaluation of VAEs, VAE-GANs and AAEs for Anomaly Detection in Network Intrusion Data |
| title_sort | comparative evaluation of vaes vae gans and aaes for anomaly detection in network intrusion data |
| topic | Variational autoencoders (VAEs) Adversarial autoencoders (AAEs) Variational autoencoder GANs (VAE-GANs) Anomaly detection |
| url | https://emitter.pens.ac.id/index.php/emitter/article/view/817 |
| work_keys_str_mv | AT mahmoudmohamed comparativeevaluationofvaesvaegansandaaesforanomalydetectioninnetworkintrusiondata |