TL;DR
Kitsune is an online, unsupervised network intrusion detection system using an ensemble of autoencoders, capable of real-time attack detection on resource-constrained devices like Raspberry Pi.
Contribution
The paper introduces Kitsune, a novel plug-and-play NIDS that learns attack patterns online without supervision using an ensemble of autoencoders, suitable for low-resource environments.
Findings
Detects various attacks with performance comparable to offline methods
Operates efficiently on devices with limited resources like Raspberry Pi
Provides an unsupervised, real-time intrusion detection solution
Abstract
Neural networks have become an increasingly popular solution for network intrusion detection systems (NIDS). Their capability of learning complex patterns and behaviors make them a suitable solution for differentiating between normal traffic and network attacks. However, a drawback of neural networks is the amount of resources needed to train them. Many network gateways and routers devices, which could potentially host an NIDS, simply do not have the memory or processing power to train and sometimes even execute such models. More importantly, the existing neural network solutions are trained in a supervised manner. Meaning that an expert must label the network traffic and update the model manually from time to time. In this paper, we present Kitsune: a plug and play NIDS which can learn to detect attacks on the local network, without supervision, and in an efficient online manner.…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
MethodsAutoencoders
