Evaluating the impact of generative adversarial models on the performance of anomaly intrusion detection
Abstract With the increasing rate and types of cyber attacks against information systems and communication infrastructures, many tools are needed to detect and mitigate against such attacks, for example, Intrusion Detection Systems (IDSs). Unfortunately, traditional Signature‐based IDSs (SIDSs) perf...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Wiley
2024-01-01
|
Series: | IET Networks |
Subjects: | |
Online Access: | https://doi.org/10.1049/ntw2.12098 |
_version_ | 1797353964586401792 |
---|---|
author | Mohammad Arafah Iain Phillips Asma Adnane |
author_facet | Mohammad Arafah Iain Phillips Asma Adnane |
author_sort | Mohammad Arafah |
collection | DOAJ |
description | Abstract With the increasing rate and types of cyber attacks against information systems and communication infrastructures, many tools are needed to detect and mitigate against such attacks, for example, Intrusion Detection Systems (IDSs). Unfortunately, traditional Signature‐based IDSs (SIDSs) perform poorly against previously unseen adversarial attacks. Anomaly‐based IDSs (AIDSs) use Machine Learning (ML) and Deep Learning (DL) approaches to overcome these limitations. However, AIDS performance can be poor when trained on imbalanced datasets. To address the challenge of AIDS performance caused by these unbalanced training datasets, generative adversarial models are proposed to obtain adversarial attacks from one side and analyse their quality from another. According to extensive usage and reliability criteria for generative adversarial models in different disciplines, Generative Adversarial Networks (GANs), Bidirectional GAN (BiGAN), and Wasserstein GAN (WGAN) are employed to serve AIDS. The authors have extensively assessed their abilities and robustness to deliver high‐quality attacks for AIDS. AIDSs are constructed, trained, and tuned based on these models to measure their impacts. The authors have employed two datasets: NSL‐KDD and CICIDS‐2017 for generalisation purposes, where ML and DL approaches are utilised to implement AIDSs. Their results show that the WGAN model outperformed GANs and BiGAN models in binary and multiclass classifications for both datasets. |
first_indexed | 2024-03-08T13:38:32Z |
format | Article |
id | doaj.art-abd6773d82024ffa9cf78a1adfe93612 |
institution | Directory Open Access Journal |
issn | 2047-4954 2047-4962 |
language | English |
last_indexed | 2024-03-08T13:38:32Z |
publishDate | 2024-01-01 |
publisher | Wiley |
record_format | Article |
series | IET Networks |
spelling | doaj.art-abd6773d82024ffa9cf78a1adfe936122024-01-16T13:54:07ZengWileyIET Networks2047-49542047-49622024-01-01131284410.1049/ntw2.12098Evaluating the impact of generative adversarial models on the performance of anomaly intrusion detectionMohammad Arafah0Iain Phillips1Asma Adnane2Department of Computer Science Loughborough University Loughborough UKDepartment of Computer Science Loughborough University Loughborough UKDepartment of Computer Science Loughborough University Loughborough UKAbstract With the increasing rate and types of cyber attacks against information systems and communication infrastructures, many tools are needed to detect and mitigate against such attacks, for example, Intrusion Detection Systems (IDSs). Unfortunately, traditional Signature‐based IDSs (SIDSs) perform poorly against previously unseen adversarial attacks. Anomaly‐based IDSs (AIDSs) use Machine Learning (ML) and Deep Learning (DL) approaches to overcome these limitations. However, AIDS performance can be poor when trained on imbalanced datasets. To address the challenge of AIDS performance caused by these unbalanced training datasets, generative adversarial models are proposed to obtain adversarial attacks from one side and analyse their quality from another. According to extensive usage and reliability criteria for generative adversarial models in different disciplines, Generative Adversarial Networks (GANs), Bidirectional GAN (BiGAN), and Wasserstein GAN (WGAN) are employed to serve AIDS. The authors have extensively assessed their abilities and robustness to deliver high‐quality attacks for AIDS. AIDSs are constructed, trained, and tuned based on these models to measure their impacts. The authors have employed two datasets: NSL‐KDD and CICIDS‐2017 for generalisation purposes, where ML and DL approaches are utilised to implement AIDSs. Their results show that the WGAN model outperformed GANs and BiGAN models in binary and multiclass classifications for both datasets.https://doi.org/10.1049/ntw2.12098computer network securitydata miningfeature selectionlearning (artificial intelligence)pattern classification |
spellingShingle | Mohammad Arafah Iain Phillips Asma Adnane Evaluating the impact of generative adversarial models on the performance of anomaly intrusion detection IET Networks computer network security data mining feature selection learning (artificial intelligence) pattern classification |
title | Evaluating the impact of generative adversarial models on the performance of anomaly intrusion detection |
title_full | Evaluating the impact of generative adversarial models on the performance of anomaly intrusion detection |
title_fullStr | Evaluating the impact of generative adversarial models on the performance of anomaly intrusion detection |
title_full_unstemmed | Evaluating the impact of generative adversarial models on the performance of anomaly intrusion detection |
title_short | Evaluating the impact of generative adversarial models on the performance of anomaly intrusion detection |
title_sort | evaluating the impact of generative adversarial models on the performance of anomaly intrusion detection |
topic | computer network security data mining feature selection learning (artificial intelligence) pattern classification |
url | https://doi.org/10.1049/ntw2.12098 |
work_keys_str_mv | AT mohammadarafah evaluatingtheimpactofgenerativeadversarialmodelsontheperformanceofanomalyintrusiondetection AT iainphillips evaluatingtheimpactofgenerativeadversarialmodelsontheperformanceofanomalyintrusiondetection AT asmaadnane evaluatingtheimpactofgenerativeadversarialmodelsontheperformanceofanomalyintrusiondetection |