Network unknown-threat detection based on a generative adversarial network and evolutionary algorithm

Currently existing intrusion-detection systems can only meet the needs of the people for defense against the known threat, and lag in the detection of the unknown threat. To solve this problem, this study considers that the character of an unknown threat can evolve from known threats and propose a network unknown-threat detection algorithm intrusion detection method based on generating & evolution (IDM-GE) based on a generation countermeasure network and evolutionary computation. The intrusion detection method based on generating algorithm can balance the data set, make the classifier learn the characteristics of normal traffic and attack traffic more fairly, and increase the diversity of attack traffic distribution by dynamic games. The intrusion detection method based on evolution algorithm can mutate and evolve, and the combination of the generating algorithm and evolutionary algorithm can generalize the features of unknown threats from known threats in a large dynamic range while also improving the detection accuracy of unknown-threat traffic. The experimental results show that the proposed IDM-GE algorithm improves the detection accuracy and recall rate to more than 91% compared with the traditional ResNet algorithm.