Evaluating the impact of generative adversarial models on the performance of anomaly intrusion detection

With the increasing rate and types of cyber attacks against information systems and communication infrastructures, many tools are needed to detect and mitigate against such attacks, for example, Intrusion Detection Systems (IDSs). Unfortunately, traditional Signature-based IDSs (SIDSs) perform poorly against previously unseen adversarial attacks. Anomaly-based IDSs (AIDSs) use Machine Learning (ML) and Deep Learning (DL) approaches to overcome these limitations. However, AIDS performance can be poor when trained on imbalanced datasets. To address the challenge of AIDS performance caused by these unbalanced training datasets, generative adversarial models are proposed to obtain adversarial attacks from one side and analyse their quality from another. According to extensive usage and reliability criteria for generative adversarial models in different disciplines, Generative Adversarial Networks (GANs), Bidirectional GAN (BiGAN), and Wasserstein GAN (WGAN) are employed to serve AIDS. The authors have extensively assessed their abilities and robustness to deliver high-quality attacks for AIDS. AIDSs are constructed, trained, and tuned based on these models to measure their impacts. The authors have employed two datasets: NSL-KDD and CICIDS-2017 for generalisation purposes, where ML and DL approaches are utilised to implement AIDSs. Their results show that the WGAN model outperformed GANs and BiGAN models in binary and multiclass classifications for both datasets. The quality of adversarial attacks produced by generative adversarial models (GANs, BiGAN, WGAN) and their impact on enhancing AIDS performance against unseen and rare attacks is assessed. The evaluation of generative adversarial models is covered by training on high diversity attacks and from real network traffic (NSL-KDD and CICIDS-2017). Also, AIDS built based on adversarial attacks are assessed based on different criteria, including classification types and learning approach (ML, DL), without bias to specific ones.image