GANAD: A GAN-based method for network anomaly detection

Cyber-intrusion always leads to severe threats to the network, i,e., system paralysis, information leaky, and economic losses. To protect network security, anomaly detection methods based on generative adversarial networks (GAN) for hindering cyber-intrusion have been proposed. However, existing GAN-based anomaly score methods built upon the generator network are designed for data synthesis, which would get unappealing performance on the anomaly detection task. Therefore, their low-efficient and unstable performance make detection tasks still quite challenging. To cope with these issues, we propose a novel GAN-based approach GANAD to address the above problems which is specifically designed for anomaly identification rather than data synthesis. Specifically, it first proposes a similar auto-encoder architecture, which makes up for the time-consuming problem of the traditional generator loss computation. In order to stabilize the training, the proposed discriminator training replaces JS divergence with Wasserstein distance adding gradient penalty. Then, it utilizes a new training strategy to better learn minority abnormal distribution from normal data, which contributes to the detection precision. Therefore, our approach can ensure the detection performance and overcomes the problem of unstable in the process of GAN training. Experimental results demonstrate that our approach achieves superior performance to state-of-the-art methods and reduces time consumption at the same time.