Abnormal Traffic Detection: Traffic Feature Extraction and DAE-GAN With Efficient Data Augmentation

Zecheng Li, Shengyuan Chen, Hongshu Dai, Dunyuan Xu, Cheng Kang Chu, Bin Xiao

Research output: Journal article publication › Journal article › Academic research › peer-review

16 Citations (Scopus)

Abstract

Abnormal traffic detection is the core component of the network intrusion detection system. Although semisupervised methods can detect zero-day attack traffic, previous work suffers from high false alarm rates because the trained model is simply based on normal traffic. In this article, we propose an accurate abnormal traffic detection method using pseudoanomaly, consisting of an efficient feature extraction framework and a novel denoise autoencoder-generative adversarial network (DAE-GAN) model. The feature extraction framework adopts an innovative packet window scheme to extract spatial and temporal features from traffic flows. The DAE-GAN model has multiple DAEs to achieve efficient data augmentation and generate high-quality pseudoanomalies. The pseudoanomalies are obtained by adding noise to normal traffic and enhanced by adversarial learning in DAE-GAN. Our semisupervised detection method, exploiting both normal data and generated pseudoanomalies, achieves a precision of 98.6% on the NSL-KDD dataset and 98.5% on the UNSW-NB15 dataset. Compared with the state-of-the-art, the detection precision and recall under different user behaviors are significantly improved. The evaluation on four attack datasets shows that our method has a high flow-wise precision of over 99% and a high recall of 60.6%.

Original language: English
Pages (from-to): 498-510
Number of pages: 13
Journal: IEEE Transactions on Reliability
Volume: 72
Issue number: 2
Publication status: Published - 1 Jun 2023

Keywords

  • Abnormal traffic detection
  • adversarial training
  • anomaly detection
  • deep learning
  • DNN
  • generative adversarial networks (GAN)
  • malware

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Electrical and Electronic Engineering
