Using EBGAN for Anomaly Intrusion Detection
This addresses the challenge of efficient intrusion detection for massive network traffic data, but it appears incremental as it applies an existing EBGAN framework to a specific domain.
The paper tackles the problem of detecting malicious network traffic in intrusion detection systems by proposing IDS-EBGAN, a method based on EBGAN that uses adversarial learning to generate examples and an autoencoder discriminator, achieving classification through reconstruction error.
As an active network security protection scheme, intrusion detection system (IDS) undertakes the important responsibility of detecting network attacks in the form of malicious network traffic. Intrusion detection technology is an important part of IDS. At present, many scholars have carried out extensive research on intrusion detection technology. However, developing an efficient intrusion detection method for massive network traffic data is still difficult. Since Generative Adversarial Networks (GANs) have powerful modeling capabilities for complex high-dimensional data, they provide new ideas for addressing this problem. In this paper, we put forward an EBGAN-based intrusion detection method, IDS-EBGAN, that classifies network records as normal traffic or malicious traffic. The generator in IDS-EBGAN is responsible for converting the original malicious network traffic in the training set into adversarial malicious examples. This is because we want to use adversarial learning to improve the ability of discriminator to detect malicious traffic. At the same time, the discriminator adopts Autoencoder model. During testing, IDS-EBGAN uses reconstruction error of discriminator to classify traffic records.