Using EBGAN for Anomaly Intrusion Detection

TL;DR

This paper proposes IDS-EBGAN, an intrusion detection system utilizing EBGAN with an autoencoder discriminator to classify network traffic as normal or malicious, leveraging adversarial learning for improved detection accuracy.

Contribution

Introduces a novel EBGAN-based intrusion detection method that employs adversarial training and autoencoder discrimination to enhance malicious traffic detection.

Findings

Effective classification of network traffic as normal or malicious.

Improved detection accuracy through adversarial training.

Utilization of reconstruction error for traffic classification.

Abstract

As an active network security protection scheme, intrusion detection system (IDS) undertakes the important responsibility of detecting network attacks in the form of malicious network traffic. Intrusion detection technology is an important part of IDS. At present, many scholars have carried out extensive research on intrusion detection technology. However, developing an efficient intrusion detection method for massive network traffic data is still difficult. Since Generative Adversarial Networks (GANs) have powerful modeling capabilities for complex high-dimensional data, they provide new ideas for addressing this problem. In this paper, we put forward an EBGAN-based intrusion detection method, IDS-EBGAN, that classifies network records as normal traffic or malicious traffic. The generator in IDS-EBGAN is responsible for converting the original malicious network traffic in the training set into adversarial malicious examples. This is because we want to use adversarial learning to improve the ability of discriminator to detect malicious traffic. At the same time, the discriminator adopts Autoencoder model. During testing, IDS-EBGAN uses reconstruction error of discriminator to classify traffic records.