{"title":"基于推理自编码器的异常弹性网络入侵检测","authors":"Abdul Hannan, Christian Gruhl, B. Sick","doi":"10.1109/CSR51186.2021.9527980","DOIUrl":null,"url":null,"abstract":"This article focuses on the application of conditional variational autoencoders as anomaly detectors to identify emerging threats in computer networks. Autoencoders are machine learning techniques that are used to find lower-dimensional representations, i.e. an encoding in latent space, from input space. With variational Autoencoders (VAE) this representation is not a single code word or vector but a probability distribution – greatly improving the robustness of the coding scheme. In contrast to VAE, we present a conditional variational autoencoder (CVAE), which uses the latent representation to encode regular and malicious network traffic into a bimodal distribution. While regular autoencoders are unsupervised, we require some labeled data to tune the bimodal representations, thus turning the learning problem into a semi-supervised classification task. However, unknown threats (i.e. those not contained in labeled training data) can be detected as well. In our presented case study, based on available computer network datasets (KDD99 and CIC-IDS2017), we could improve the detection of unknown threats compared to conventional approaches. Our experiments are publicly available.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"116 4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Anomaly based Resilient Network Intrusion Detection using Inferential Autoencoders\",\"authors\":\"Abdul Hannan, Christian Gruhl, B. Sick\",\"doi\":\"10.1109/CSR51186.2021.9527980\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This article focuses on the application of conditional variational autoencoders as anomaly detectors to identify emerging threats in computer networks. Autoencoders are machine learning techniques that are used to find lower-dimensional representations, i.e. an encoding in latent space, from input space. With variational Autoencoders (VAE) this representation is not a single code word or vector but a probability distribution – greatly improving the robustness of the coding scheme. In contrast to VAE, we present a conditional variational autoencoder (CVAE), which uses the latent representation to encode regular and malicious network traffic into a bimodal distribution. While regular autoencoders are unsupervised, we require some labeled data to tune the bimodal representations, thus turning the learning problem into a semi-supervised classification task. However, unknown threats (i.e. those not contained in labeled training data) can be detected as well. In our presented case study, based on available computer network datasets (KDD99 and CIC-IDS2017), we could improve the detection of unknown threats compared to conventional approaches. Our experiments are publicly available.\",\"PeriodicalId\":253300,\"journal\":{\"name\":\"2021 IEEE International Conference on Cyber Security and Resilience (CSR)\",\"volume\":\"116 4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-07-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE International Conference on Cyber Security and Resilience (CSR)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSR51186.2021.9527980\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSR51186.2021.9527980","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Anomaly based Resilient Network Intrusion Detection using Inferential Autoencoders
This article focuses on the application of conditional variational autoencoders as anomaly detectors to identify emerging threats in computer networks. Autoencoders are machine learning techniques that are used to find lower-dimensional representations, i.e. an encoding in latent space, from input space. With variational Autoencoders (VAE) this representation is not a single code word or vector but a probability distribution – greatly improving the robustness of the coding scheme. In contrast to VAE, we present a conditional variational autoencoder (CVAE), which uses the latent representation to encode regular and malicious network traffic into a bimodal distribution. While regular autoencoders are unsupervised, we require some labeled data to tune the bimodal representations, thus turning the learning problem into a semi-supervised classification task. However, unknown threats (i.e. those not contained in labeled training data) can be detected as well. In our presented case study, based on available computer network datasets (KDD99 and CIC-IDS2017), we could improve the detection of unknown threats compared to conventional approaches. Our experiments are publicly available.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
