Anomaly-based network intrusion detection using denoising autoencoder and Wasserstein GAN synthetic attacks

IF 7.2 1区计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

Applied Soft Computing Pub Date : 2024-11-22 DOI:10.1016/j.asoc.2024.112455

Mohammad Arafah , Iain Phillips , Asma Adnane , Wael Hadi , Mohammad Alauthman , Abedal-Kareem Al-Banna

{"title":"Anomaly-based network intrusion detection using denoising autoencoder and Wasserstein GAN synthetic attacks","authors":"Mohammad Arafah , Iain Phillips , Asma Adnane , Wael Hadi , Mohammad Alauthman , Abedal-Kareem Al-Banna","doi":"10.1016/j.asoc.2024.112455","DOIUrl":null,"url":null,"abstract":"<div><div>Intrusion detection systems face challenges in handling high-dimensional, large-scale, and imbalanced network traffic data. This paper proposes a novel architecture combining a denoising autoencoder (AE) and a Wasserstein generative adversarial network (WGAN) to address these issues. The AE-WGAN model extracts high-representative features and generates realistic synthetic attacks, effectively resolving data imbalance and enhancing anomaly-based intrusion detection. Extensive experiments on NSL-KDD and CICIDS-2017 datasets, using both binary and multiclass classification scenarios with various classifier architectures, demonstrate the model’s superior performance. The proposed approach outperforms state-of-the-art models in accuracy, precision, recall, and F1 score, showing excellent generalization capabilities against unseen attacks. Time complexity analysis reveals computational efficiency while maintaining high-quality synthetic attack generation. This research contributes a robust, efficient, and adaptable framework for intrusion detection, capable of handling modern network traffic complexities and evolving cyber threats.</div></div>","PeriodicalId":50737,"journal":{"name":"Applied Soft Computing","volume":"168 ","pages":"Article 112455"},"PeriodicalIF":7.2000,"publicationDate":"2024-11-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Applied Soft Computing","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1568494624012298","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

Abstract

Intrusion detection systems face challenges in handling high-dimensional, large-scale, and imbalanced network traffic data. This paper proposes a novel architecture combining a denoising autoencoder (AE) and a Wasserstein generative adversarial network (WGAN) to address these issues. The AE-WGAN model extracts high-representative features and generates realistic synthetic attacks, effectively resolving data imbalance and enhancing anomaly-based intrusion detection. Extensive experiments on NSL-KDD and CICIDS-2017 datasets, using both binary and multiclass classification scenarios with various classifier architectures, demonstrate the model’s superior performance. The proposed approach outperforms state-of-the-art models in accuracy, precision, recall, and F1 score, showing excellent generalization capabilities against unseen attacks. Time complexity analysis reveals computational efficiency while maintaining high-quality synthetic attack generation. This research contributes a robust, efficient, and adaptable framework for intrusion detection, capable of handling modern network traffic complexities and evolving cyber threats.

查看原文本刊更多论文

使用去噪自动编码器和 Wasserstein GAN 合成攻击进行基于异常的网络入侵检测

入侵检测系统在处理高维、大规模和不平衡网络流量数据时面临挑战。本文提出了一种结合去噪自动编码器（AE）和瓦瑟斯坦对抗生成网络（WGAN）的新型架构来解决这些问题。AE-WGAN 模型可提取高代表性特征并生成逼真的合成攻击，从而有效解决数据不平衡问题并增强基于异常的入侵检测。在 NSL-KDD 和 CICIDS-2017 数据集上进行的大量实验证明了该模型的优越性能，实验中使用了二分类和多分类场景以及各种分类器架构。所提出的方法在准确度、精确度、召回率和 F1 分数上都优于最先进的模型，显示出针对未见攻击的出色泛化能力。时间复杂性分析表明，在保持高质量合成攻击生成的同时，计算效率也很高。这项研究为入侵检测提供了一个稳健、高效、适应性强的框架，能够处理现代网络流量的复杂性和不断发展的网络威胁。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Applied Soft Computing 工程技术-计算机：跨学科应用

CiteScore

15.80

自引率

6.90%

发文量

874

审稿时长

10.9 months

期刊介绍： Applied Soft Computing is an international journal promoting an integrated view of soft computing to solve real life problems.The focus is to publish the highest quality research in application and convergence of the areas of Fuzzy Logic, Neural Networks, Evolutionary Computing, Rough Sets and other similar techniques to address real world complexities. Applied Soft Computing is a rolling publication: articles are published as soon as the editor-in-chief has accepted them. Therefore, the web site will continuously be updated with new articles and the publication time will be short.