Training a Bidirectional GAN-based One-Class Classifier for Network Intrusion Detection

TL;DR

This paper introduces a Bidirectional GAN-based one-class classifier for network intrusion detection, effectively identifying anomalies in network traffic without complex scoring, and demonstrates superior performance on the NSL-KDD dataset.

Contribution

The paper proposes a novel encoder-discriminator model based on Bidirectional GANs for anomaly detection in network traffic, avoiding complex scoring methods.

Findings

Outperforms other generative methods on NSL-KDD dataset

Effective in detecting anomalous network traffic

Eliminates need for complex anomaly scoring

Abstract

The network intrusion detection task is challenging because of the imbalanced and unlabeled nature of the dataset it operates on. Existing generative adversarial networks (GANs), are primarily used for creating synthetic samples from reals. They also have been proved successful in anomaly detection tasks. In our proposed method, we construct the trained encoder-discriminator as a one-class classifier based on Bidirectional GAN (Bi-GAN) for detecting anomalous traffic from normal traffic other than calculating expensive and complex anomaly scores or thresholds. Our experimental result illustrates that our proposed method is highly effective to be used in network intrusion detection tasks and outperforms other similar generative methods on the NSL-KDD dataset.