LE QUY DON
Technical University
VietnameseClear Cookie - decide language by browser settings

A Novel Deep Clustering Variational Auto-Encoder for Anomaly-based Network Intrusion Detection

Nguyen, V.Q. and Nguyen, V.H. and Hoang, T.H. and Shone, N. (2022) A Novel Deep Clustering Variational Auto-Encoder for Anomaly-based Network Intrusion Detection. In: Conference of 14th International Conference on Knowledge and Systems Engineering, KSE 2022, 19 October 2022 Through 21 October 2022, Virtual, Online.

Full text not available from this repository. (Upload)

Abstract

The role of semi-supervised network intrusion detection systems is becoming increasingly important in the ever-changing digital landscape. Despite the boom in commercial and research interest, there are still many concerns over accuracy yet to be addressed. Two of the major limitations contributing to this concern are reliably learning the underlying probability distribution of normal network data and the identification of the boundary between the normal and anomalous data regions in the latent space. Recent research has proposed many different ways to learn the latent representation of normal data in a semi-supervised manner, such as using Clustering-based Autoencoder (CAE) and hybridized approaches of Principal Component Analysis (PCA) and CAE. However, such approaches are still affected by these limitations, predominantly due to an overreliance on feature engineering, or the inability to handle the large data dimensionality. In this paper, we propose a novel Cluster Variational Autoencoder (CVAE) deep learning model to overcome the aforementioned limitations and increase the efficiency of network intrusion detection. This enables a more concise and dominant representation of the latent space to be learnt. The probability distribution learning capabilities of the VAE are fully exploited to learn the underlying probability distribution of the normal network data. This combination enables us to address the limitations discussed. The performance of the proposed model is evaluated using eight benchmark network intrusion datasets: NSL-KDD, UNSW-NB15, CICIDS2017 and five scenarios from CTU13 (CTU13-08, CTU-13-09, CTU13-10, CTU13-12 and CTU13-13). The experimental results achieved clearly demonstrate that the proposed method outperforms semi-supervised approaches from existing works. © 2022 IEEE.

Item Type: Conference or Workshop Item (Paper)
Divisions: Faculties > Faculty of Information Technology
Identification Number: 10.1109/KSE56063.2022.9953763
Uncontrolled Keywords: Anomaly detection; Benchmarking; Deep learning; Intrusion detection; Learning systems; Network coding; Principal component analysis, Anomaly detection; Auto encoders; Clusterings; Latent representation; Learn+; Network data; Network intrusion detection; Probability: distributions; Semi-supervised; Variational autoencoder, Probability distributions
Additional Information: Conference of 14th International Conference on Knowledge and Systems Engineering, KSE 2022 ; Conference Date: 19 October 2022 Through 21 October 2022; Conference Code:184621
URI: http://eprints.lqdtu.edu.vn/id/eprint/10717

Actions (login required)

View Item
View Item