TL;DR
This paper introduces RePO, a denoising autoencoder-based NIDS that improves attack detection accuracy and robustness against adversarial examples, addressing limitations of traditional signature-based and neural network-based systems.
Contribution
We propose RePO, a novel autoencoder-based mechanism that enhances robustness and detection accuracy of network intrusion detection systems against adversarial attacks.
Findings
RePO improves attack detection by up to 29% in normal settings.
RePO enhances robustness, detecting attacks up to 45% more effectively under adversarial conditions.
RePO outperforms recent anomaly detectors in diverse attack scenarios.
Abstract
The increase in both the number and variety of cyber attacks in recent years demands more sophisticated network intrusion detection systems (NIDS). These NIDS perform better when they can monitor all the traffic traversing the network, as when deployed on a Software-Defined Network (SDN). Because of their inability to detect zero-day attacks, signature-based NIDS, which were traditionally used for detecting malicious traffic, are beginning to be replaced by anomaly-based NIDS built on neural networks. However, it has recently been shown that such NIDS have their own drawback, namely being vulnerable to adversarial example attacks. Moreover, they were mostly evaluated on old datasets which don't represent the variety of attacks network systems might face these days. In this paper, we present Reconstruction from Partial Observation (RePO) as a new mechanism…
