PHANTOM: Progressive High-fidelity Adversarial Network for Threat Object Modeling
Jamal Al-Karaki, Muhammad Al-Zafar Khan, Rand Derar Mohammad Al Athamneh
TL;DR
PHANTOM is a novel adversarial framework that generates high-fidelity synthetic cyberattack data to improve intrusion detection systems, addressing data scarcity and preserving attack semantics.
Contribution
It introduces a progressive training, dual-path VAE-GAN architecture, and domain-specific feature matching for realistic attack data generation.
Findings
Achieves 98% weighted accuracy on real attack data
Synthetic data preserves authentic distributions and diversity
Addresses data scarcity in intrusion detection
Abstract
The scarcity of cyberattack data hinders the development of robust intrusion detection systems. This paper introduces PHANTOM, a novel adversarial variational framework for generating high-fidelity synthetic attack data. Its innovations include progressive training, a dual-path VAE-GAN architecture, and domain-specific feature matching to preserve the semantics of attacks. Evaluated on 100,000 network traffic samples, models trained on PHANTOM data achieve 98% weighted accuracy on real attacks. Statistical analyses confirm that the synthetic data preserves authentic distributions and diversity. Limitations in generating rare attack types are noted, highlighting challenges with severe class imbalance. This work advances the generation of synthetic data for training robust, privacy-preserving detection systems.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsNetwork Security and Intrusion Detection · Adversarial Robustness in Machine Learning · Anomaly Detection Techniques and Applications