Cargando…
Development of a Machine-Learning Intrusion Detection System and Testing of Its Performance Using a Generative Adversarial Network
Intrusion detection and prevention are two of the most important issues to solve in network security infrastructure. Intrusion detection systems (IDSs) protect networks by using patterns to detect malicious traffic. As attackers have tried to dissimulate traffic in order to evade the rules applied,...
| Autores principales: | , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2023
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9919617/ https://www.ncbi.nlm.nih.gov/pubmed/36772355 http://dx.doi.org/10.3390/s23031315 |
| _version_ | 1784886867176456192 |
|---|---|
| author | Mari, Andrei-Grigore Zinca, Daniel Dobrota, Virgil |
| author_facet | Mari, Andrei-Grigore Zinca, Daniel Dobrota, Virgil |
| author_sort | Mari, Andrei-Grigore |
| collection | PubMed |
| description | Intrusion detection and prevention are two of the most important issues to solve in network security infrastructure. Intrusion detection systems (IDSs) protect networks by using patterns to detect malicious traffic. As attackers have tried to dissimulate traffic in order to evade the rules applied, several machine learning-based IDSs have been developed. In this study, we focused on one such model involving several algorithms and used the NSL-KDD dataset as a benchmark to train and evaluate its performance. We demonstrate a way to create adversarial instances of network traffic that can be used to evade detection by a machine learning-based IDS. Moreover, this traffic can be used for training in order to improve performance in the case of new attacks. Thus, a generative adversarial network (GAN)—i.e., an architecture based on a deep-learning algorithm capable of creating generative models—was implemented. Furthermore, we tested the IDS performance using the generated adversarial traffic. The results showed that, even in the case of the GAN-generated traffic (which could successfully evade IDS detection), by using the adversarial traffic in the testing process, we could improve the machine learning-based IDS performance. |
| format | Online Article Text |
| id | pubmed-9919617 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2023 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-99196172023-02-12 Development of a Machine-Learning Intrusion Detection System and Testing of Its Performance Using a Generative Adversarial Network Mari, Andrei-Grigore Zinca, Daniel Dobrota, Virgil Sensors (Basel) Article Intrusion detection and prevention are two of the most important issues to solve in network security infrastructure. Intrusion detection systems (IDSs) protect networks by using patterns to detect malicious traffic. As attackers have tried to dissimulate traffic in order to evade the rules applied, several machine learning-based IDSs have been developed. In this study, we focused on one such model involving several algorithms and used the NSL-KDD dataset as a benchmark to train and evaluate its performance. We demonstrate a way to create adversarial instances of network traffic that can be used to evade detection by a machine learning-based IDS. Moreover, this traffic can be used for training in order to improve performance in the case of new attacks. Thus, a generative adversarial network (GAN)—i.e., an architecture based on a deep-learning algorithm capable of creating generative models—was implemented. Furthermore, we tested the IDS performance using the generated adversarial traffic. The results showed that, even in the case of the GAN-generated traffic (which could successfully evade IDS detection), by using the adversarial traffic in the testing process, we could improve the machine learning-based IDS performance. MDPI 2023-01-24 /pmc/articles/PMC9919617/ /pubmed/36772355 http://dx.doi.org/10.3390/s23031315 Text en © 2023 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Mari, Andrei-Grigore Zinca, Daniel Dobrota, Virgil Development of a Machine-Learning Intrusion Detection System and Testing of Its Performance Using a Generative Adversarial Network |
| title | Development of a Machine-Learning Intrusion Detection System and Testing of Its Performance Using a Generative Adversarial Network |
| title_full | Development of a Machine-Learning Intrusion Detection System and Testing of Its Performance Using a Generative Adversarial Network |
| title_fullStr | Development of a Machine-Learning Intrusion Detection System and Testing of Its Performance Using a Generative Adversarial Network |
| title_full_unstemmed | Development of a Machine-Learning Intrusion Detection System and Testing of Its Performance Using a Generative Adversarial Network |
| title_short | Development of a Machine-Learning Intrusion Detection System and Testing of Its Performance Using a Generative Adversarial Network |
| title_sort | development of a machine-learning intrusion detection system and testing of its performance using a generative adversarial network |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9919617/ https://www.ncbi.nlm.nih.gov/pubmed/36772355 http://dx.doi.org/10.3390/s23031315 |
| work_keys_str_mv | AT mariandreigrigore developmentofamachinelearningintrusiondetectionsystemandtestingofitsperformanceusingagenerativeadversarialnetwork AT zincadaniel developmentofamachinelearningintrusiondetectionsystemandtestingofitsperformanceusingagenerativeadversarialnetwork AT dobrotavirgil developmentofamachinelearningintrusiondetectionsystemandtestingofitsperformanceusingagenerativeadversarialnetwork |