Top

World Wide Web

Published in:

09-05-2023

GANAD: A GAN-based method for network anomaly detection

Authors: Jie Fu, Lina Wang, Jianpeng Ke, Kang Yang, Rongwei Yu

Published in: World Wide Web | Issue 5/2023

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Cyber-intrusion always leads to severe threats to the network, i,e., system paralysis, information leaky, and economic losses. To protect network security, anomaly detection methods based on generative adversarial networks (GAN) for hindering cyber-intrusion have been proposed. However, existing GAN-based anomaly score methods built upon the generator network are designed for data synthesis, which would get unappealing performance on the anomaly detection task. Therefore, their low-efficient and unstable performance make detection tasks still quite challenging. To cope with these issues, we propose a novel GAN-based approach GANAD to address the above problems which is specifically designed for anomaly identification rather than data synthesis. Specifically, it first proposes a similar auto-encoder architecture, which makes up for the time-consuming problem of the traditional generator loss computation. In order to stabilize the training, the proposed discriminator training replaces JS divergence with Wasserstein distance adding gradient penalty. Then, it utilizes a new training strategy to better learn minority abnormal distribution from normal data, which contributes to the detection precision. Therefore, our approach can ensure the detection performance and overcomes the problem of unstable in the process of GAN training. Experimental results demonstrate that our approach achieves superior performance to state-of-the-art methods and reduces time consumption at the same time.

previous article An efficient privacy-preserving blockchain storage method for internet of things environment

next article On-chain repairing for multi-party data migration

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html

http://205.174.165.80/CICDataset/NSL-KDD/

https://research.unsw.edu.au/projects/unsw-nb15-dataset

Lin, P., Ye, K., Xu, C.-Z.: Dynamic network anomaly detection system by using deep learning techniques. In: International Conference on Cloud Computing, pp. 161–176. Springer (2019)

Chou, D., Jiang, M.: A survey on data-driven network intrusion detection. ACM Comput. Surveys (CSUR) 54(9), 1–36 (2021)CrossRef

Ahmim, A., Maglaras, L., Ferrag, M.A., Derdour, M., Janicke, H.: A novel hierarchical intrusion detection system based on decision tree and rules-based models. In: 2019 15th International Conference on Distributed Computing in Sensor Systems (DCOSS), pp. 228–233. IEEE (2019)

Miao, X., Liu, Y., Zhao, H., Li, C.: Distributed online one-class support vector machine for anomaly detection over networks. IEEE Trans. Cybern. 49(4), 1475–1488 (2018)CrossRef

Pang, G., Cao, L., Chen, L., Liu, H.: Learning representations of ultrahigh-dimensional data for random distance-based outlier detection. In: Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining, pp. 2041–2050 (2018)

Pang, G., Shen, C., Jin, H., Hengel, A.v.d.: Deep weakly-supervised anomaly detection. arXiv:1910.13601 (2019)

Ruff, L., Vandermeulen, R.A., Görnitz, N., Binder, A., Müller, E., Müller, K.-R., Kloft, M.: Deep semi-supervised anomaly detection. In: International Conference on Learning Representations (2019)

Goodfellow, I., Pouget-Abadie, J., Mirza, M., Xu, B., Warde-Farley, D., Ozair, S., Courville, A., Bengio, Y.: Generative adversarial nets. Advances in neural information processing systems 27 (2014)

Gill, P., Jain, N., Nagappan, N.: Understanding network failures in data centers: measurement, analysis, and implications. In: Proceedings of the ACM SIGCOMM 2011 Conference, pp. 350–361 (2011)

10.

Schlegl, T., Seeböck, P., Waldstein, S.M., Schmidt-Erfurth, U., Langs, G.: Unsupervised anomaly detection with generative adversarial networks to guide marker discovery. In: International Conference on Information Processing in Medical Imaging, pp. 146–157. Springer (2017)

11.

Akcay, S., Atapour-Abarghouei, A., Breckon, T.P.: Ganomaly: Semi-supervised anomaly detection via adversarial training. In: Asian Conference on Computer Vision, pp. 622–637. Springer (2018)

12.

Pang, G., Shen, C., Cao, L., Hengel, A.V.D.: Deep learning for anomaly detection: A review. ACM Comput. Surveys (CSUR) 54(2), 1–38 (2021)CrossRef

13.

Li, D., Chen, D., Jin, B., Shi, L., Goh, J., Ng, S.-K.: Mad-gan: Multivariate anomaly detection for time series data with generative adversarial networks. In: International Conference on Artificial Neural Networks, pp. 703–716. Springer (2019)

14.

Donahue, J., Krähenbühl, P., Darrell, T.: Adversarial feature learning. arXiv:1605.09782 (2016)

15.

Xiong, L., Póczos, B., Schneider, J.: Group anomaly detection using flexible genre models. Advances in neural information processing systems 24 (2011)

16.

Blowers, M., Williams, J.: Machine learning applied to cyber operations. In: Network Science and Cybersecurity, pp. 155–175 (2014)

17.

Khan, M.S.A.: Rule based network intrusion detection using genetic algorithm. Int. J. Comput. Applic. 18(8), 26–29 (2011)CrossRef

18.

Shone, N., Ngoc, T.N., Phai, V.D., Shi, Q.: A deep learning approach to network intrusion detection. IEEE Transactions on Emerging Topics in Computational Intelligence 2(1), 41–50 (2018)CrossRef

19.

Mulay, S.A., Devale, P., Garje, G.: Intrusion detection system using support vector machine and decision tree. Int. J. Comput. Applic. 3(3), 40–43 (2010)CrossRef

20.

Selvakumar, K., Karuppiah, M., SaiRamesh, L., Islam, S.H., Hassan, M.M., Fortino, G., Choo, K.-K.R.: Intelligent temporal classification and fuzzy rough set-based feature selection algorithm for intrusion detection system in wsns. Inform. Sci. 497, 77–90 (2019)CrossRef

21.

Breunig, M.M., Kriegel, H.-P., Ng, R.T., Sander, J.: Lof: identifying density-based local outliers. In: Proceedings of the 2000 ACM SIGMOD International Conference on Management of Data, pp. 93–104 (2000)

22.

Peña, D., Prieto, F.J.: Multivariate outlier detection and robust covariance matrix estimation. Technometrics 43(3), 286–310 (2001)MathSciNetCrossRef

23.

Liu, F.T., Ting, K.M., Zhou, Z.-H.: Isolation forest. In: 2008 Eighth Ieee International Conference on Data Mining, pp. 413–422. IEEE (2008)

24.

Torres, P., Catania, C., Garcia, S., Garino, C.G.: An analysis of recurrent neural networks for botnet detection behavior. In: 2016 IEEE Biennial Congress of Argentina (ARGENCON), pp. 1–6. IEEE (2016)

25.

Deng, A., Hooi, B.: Graph neural network-based anomaly detection in multivariate time series. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol. 35, pp. 4027–4035 (2021)

26.

Kwon, D., Natarajan, K., Suh, S.C., Kim, H., Kim, J.: An empirical study on network anomaly detection using convolutional neural networks. In: ICDCS, pp. 1595–1598 (2018)

27.

Zhao, G., Zhang, C., Zheng, L.: Intrusion detection using deep belief network and probabilistic neural network. In: 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC), vol. 1, pp. 639–642. IEEE (2017)

28.

Pang, G., van den Hengel, A., Shen, C., Cao, L.: Toward deep supervised anomaly detection: Reinforcement learning from partially labeled anomaly data. In: Proceedings of the 27th ACM SIGKDD Conference on Knowledge Discovery & Data Mining, pp. 1298–1308 (2021)

29.

Wang, H., Pang, G., Shen, C., Ma, C.: Unsupervised representation learning by predicting random distances. In: Proceedings of the Twenty-Ninth International Conference on International Joint Conferences on Artificial Intelligence, pp. 2950–2956 (2021)

30.

Pang, G., Shen, C., van den Hengel, A.: Deep anomaly detection with deviation networks. In: Proceedings of the 25th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining, pp. 353–362 (2019)

31.

Zhou, C., Paffenroth, R.C.: Anomaly detection with robust deep autoencoders. In: Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 665–674 (2017)

32.

An, J., Cho, S.: Variational autoencoder based anomaly detection using reconstruction probability. Special Lecture on IE 2(1), 1–18 (2015)

33.

Zong, B., Song, Q., Min, M.R., Cheng, W., Lumezanu, C., Cho, D., Chen, H.: Deep autoencoding gaussian mixture model for unsupervised anomaly detection. In: International Conference on Learning Representations (2018)

34.

Zhai, S., Cheng, Y., Lu, W., Zhang, Z.: Deep structured energy based models for anomaly detection. In: International Conference on Machine Learning, pp. 1100–1109. PMLR (2016)

35.

Mirsky, Y., Doitshman, T., Elovici, Y., Shabtai, A.: Kitsune: An ensemble of autoencoders for online network intrusion detection. In: Network and Distributed Systems Security (NDSS) Symposium (2018)

36.

Zenati, H., Foo, C.S., Lecouat, B., Manek, G., Chandrasekhar, V.R.: Efficient gan-based anomaly detection. arXiv:1802.06222 (2018)

37.

Zenati, H., Romain, M., Foo, C.-S., Lecouat, B., Chandrasekhar, V.: Adversarially learned anomaly detection. In: 2018 IEEE International Conference on Data Mining (ICDM), pp. 727–736. IEEE (2018)

38.

Mohammadi, B., Sabokrou, M.: End-to-end adversarial learning for intrusion detection in computer networks. In: 2019 IEEE 44th Conference on Local Computer Networks (LCN), pp. 270–273. IEEE (2019)

39.

Schlegl, T., Seeböck, P., Waldstein, S.M., Langs, G., Schmidt-Erfurth, U.: f-anogan: Fast unsupervised anomaly detection with generative adversarial networks. Med. Image Anal. 54, 30–44 (2019)CrossRef

40.

de Araujo-Filho, P.F., Kaddoum, G., Campelo, D.R., Santos, A.G., Macêdo, D., Zanchettin, C.: Intrusion detection for cyber-physical systems using generative adversarial networks in fog environment. IEEE Internet Things J. 8(8), 6247–6256 (2020)CrossRef

41.

Huang, S., Lei, K.: Igan-ids: An imbalanced generative adversarial network towards intrusion detection system in ad-hoc networks. Ad Hoc Netw. 105,(2020)

42.

Yuan, D., Ota, K., Dong, M., Zhu, X., Wu, T., Zhang, L., Ma, J.: Intrusion detection for smart home security based on data augmentation with edge computing. In: ICC 2020-2020 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE (2020)

43.

Flores, S.: Variational Autoencoders Are Beautiful. https://www.compthree.com/blog/autoencoder/ (2019). Accessed 15 Apr 2019

44.

Miyato, T., Kataoka, T., Koyama, M., Yoshida, Y.: Spectral normalization for generative adversarial networks. arXiv:1802.05957 (2018)

45.

Gulrajani, I., Ahmed, F., Arjovsky, M., Dumoulin, V., Courville, A.C.: Improved training of wasserstein gans. Advances in neural information processing systems 30 (2017)

46.

Roth, K., Lucchi, A., Nowozin, S., Hofmann, T.: Stabilizing training of generative adversarial networks through regularization. Advances in neural information processing systems 30 (2017)

47.

Arjovsky, M., Chintala, S., Bottou, L.: Wasserstein generative adversarial networks. In: International Conference on Machine Learning, pp. 214–223. PMLR (2017)

48.

Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the kdd cup 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–6. Ieee (2009)

49.

Moustafa, N., Slay, J.: Unsw-nb15: a comprehensive data set for network intrusion detection systems (unsw-nb15 network data set). In: 2015 Military Communications and Information Systems Conference (MilCIS), pp. 1–6. IEEE (2015)

50.

Schölkopf, B., Williamson, R.C., Smola, A., Shawe-Taylor, J., Platt, J.: Support vector method for novelty detection. Advances in neural information processing systems 12 (1999)

Title: GANAD: A GAN-based method for network anomaly detection
Authors: Jie Fu
Lina Wang
Jianpeng Ke
Kang Yang
Rongwei Yu
Publication date: 09-05-2023
Publisher: Springer US
Published in: World Wide Web / Issue 5/2023
Print ISSN: 1386-145X
Electronic ISSN: 1573-1413
DOI: https://doi.org/10.1007/s11280-023-01160-4

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Other articles of this Issue 5/2023

Explanation-based data-free model extraction attacks

Quantifying controversy from stance, sentiment, offensiveness and sarcasm: a fine-grained controversy intensity measurement framework on a Chinese dataset

Anomaly and change point detection for time series with concept drift

Core maintenance for hypergraph streams

Editor’s note: Special issue on knowledge-graph-enabled methods and applications for the future web

Knowledge-graph-enabled biomedical entity linking: a survey

Premium Partner