Enhancing IDS with Ensemble LSTM Networks Using Real and GAN Data
Saia, Roberto;Carta, Salvatore;Fenu, Gianni;Podda, Alessandro Sebastian;Pompianu, Livio
2024-01-01
Abstract
Today's computer system security is critical at every operational level and device, as the compromise of a single element can propagate through other connected network elements, causing unpredictable and dangerous effects. To face unauthorized access and evolving malicious strategies, researchers have intensified efforts to develop effective Intrusion Detection Systems (IDSs) that monitor and analyze network traffic to detect illegitimate activities. This is a difficult challenge given the growing sophistication of malicious tactics that often mimic legitimate behavior. In such a context, this work proposes the HYDRA-LNNE (Hybrid Data Real and Artificial LSTM Neural Network Ensemble) approach, which involves feature selection and data quantization to reduce data complexity, and an ensemble of three Long Short-Term Memory (LSTM) neural networks trained on real data, synthetic data generated by a Generative Adversarial Network (GAN), and a combination of both, with the aim to maximize the strengths of each data type, effectively discriminating normal from malicious network activities. The validation process performed on the UNSW-NB15 dataset, well known for its comprehensive representation of modern cyber threats, shows that our approach outperforms state-of-the-art solutions across multiple metrics.


