Empirical Evaluation of Autoencoder Models for Anomaly Detection in Packet-based NIDS

No Thumbnail Available

Authors

Hore, Soumyadeep
Nguyen, Quoc
Xu, Yulun
Shah, Ankit
Bastian, Nathaniel D.
Le, Trung

Issue Date

2023

Type

Conference presentations, papers, posters

Language

Keywords

Autoencoders , Network Intrusion Detection , Anomaly detection

Research Projects

Organizational Units

Journal Issue

Alternative Title

Abstract

Anomaly detection is critical for network security. Unsupervised learning models trained on benign network traffic data aim to detect anomalies without relying on attack data sets. Autoencoder-based models have emerged as a promising approach for detecting anomalies in network intrusion data. While autoencoder models have predominantly been utilized in flow-based approaches, which are suitable for offline analysis, there is a notable gap in research concerning unsupervised learning, particularly autoencoder-based techniques, for packetbased network intrusion detection. Packet-based network intrusion detection systems (NIDS) enable real-time detection at a granular level, making this area of investigation crucial. In this work, we compare autoencoder models for anomaly detection in packet-based NIDS. A methodological framework is presented for implementing an autoencoder-based network intrusion detection mechanism with packet data. A novel reconstruction error metric is proposed for autoencoders, which is evaluated at different threshold levels to compare the detection accuracies of network traffic anomalies. The effectiveness of autoencoder models is demonstrated on various network attacks and adversarial samples obtained from publicly available network intrusion data sets. The analysis highlights the strengths and limitations of different autoencoders for network traffic anomaly detection. The insights obtained from the empirical evaluation offer valuable guidance to researchers and practitioners aiming to develop an autoencoder-based network intrusion detection mechanism.

Description

Citation

Hore, S., Nguyen, Q., Xu, Y., Shah, A., Bastian, N. & Le, T. (2023). Empirical Evaluation of Autoencoder Models for Anomaly Detection in Packet-based NIDS. Proceedings of the 2023 IEEE Conference on Dependable and Secure Computing, pp. 1-8. IEEE.

Publisher

Proceedings of the 2023 IEEE Conference on Dependable and Secure Computing

License

Journal

Volume

Issue

URI

https://hdl.handle.net/20.500.14216/1461

PubMed ID

DOI

https://doi.org/10.1109/DSC61021.2023.10354098

ISSN

EISSN

Collections

Army Cyber Institute