Применение генеративных состязательных сетей в системах обнаружения аномалий
Работая с сайтом, я даю свое согласие на использование файлов cookie. Это необходимо для нормального функционирования сайта, показа целевой рекламы и анализа трафика. Статистика использования сайта обрабатывается системой Яндекс.Метрика
Научный журнал Моделирование, оптимизация и информационные технологииThe scientific journal Modeling, Optimization and Information Technology
Online media
issn 2310-6018

Application of generative adversarial networks in anomaly detection systems

Sychugov A.A.,  Grekov M.M. 

UDC 004.023
DOI: 10.26102/2310-6018/2021.32.1.003

  • Abstract
  • List of references
  • About authors

Today, intrusion detection system based on signatures of known attacks is an important security tool, but this method is ineffective against zero-day vulnerabilities. Anomaly-based intrusion detection systems are a relevant approach to neutralize previously unknown computer attacks and new malicious software. Machine learning algorithms can be used to build a system that can classify input data. At the moment, using this an anomaly detection system in real conditions is not effective enough, because there is a high probability of classification errors due to the non-uniform distribution of data between classes. It is also necessary to take into account the possibility of adversarial attacks used by an attacker to overcome classification algorithms, as a result of which a real attack can be missed by the detector. Thereat, this article describes the problem of imbalance in the training dataset and instability to adversarial attacks by intruders when using an anomaly detection system based on neural networks. As a solution, it is proposed to apply an algorithm of generative adversarial networks to supplement a small class of attacks with generated examples, which also makes the classifier more resistant to adversarial attacks. An algorithm for training the generator and discriminator is considered, and a description of the NSL-KDD dataset is given, which is proposed to be used as a training and test one.

1. Scarfone K., Mell P. Guide to intrusion detection and prevention systems. Available at: https://csrc.nist.gov/publications/detail/sp/800-94/final DOI:10.6028/NIST.SP.800-94 (accessed 18.10.2020).

2. Bobrov A. Sistemy obnaruzheniya vtorzhenii. Sait Instituta mekhaniki sploshnykh sred Rossiiskoi Akademii Nauk. Available at: http://www2.icmm.ru/~masich/ win/lexion/ids/ids.html (In Russ) (accessed 18.10.2020).

3. Yavtukhovskii E.Yu. Analiz sistem obnaruzheniya vtorzhenii na osnove intellektual'nykh tekhnologii. Tekhnicheskie nauki: teoriya i praktika : materialy III Mezhdunar. nauch. konf. (g. Chita, aprel' 2016 g.). Chita : Izdatel'stvo Molodoi uchenyi, 2016. Available at: https://moluch.ru/conf/tech/archive/165/10049/ (In Russ) (accessed 18.10.2020).

4. Security Boulevard. Why 2020 will be the year artificial intelligence stops being optional for security. Доступно по: https://securityintelligence.com/articles/why-2020-will-be-the-year-artificial-intelligence-stops-being-optional-for-security (accessed 18.10.2020).

5. Georgios Douzas and Fernando Bao. Effective data generation for imbalanced learning using conditional generative adversarial networks. Expert Systems with Applications, 2018;91;464-471. Available at: https://www.researchgate.net/publication/319672232_ Effective_data_generation_for_imbalanced_learning_using_Conditional_Generative_Adversarial_Networks DOI: 10.1016/j.eswa.2017.09.030 (accessed 18.10.2020).

6. Security Boulevard. Hacking the hackers: Adversarial AI and how to fight it. Available at: https://securityboulevard.com/2020/01/hacking-the-hackers-adversarial-ai-and-how-to-fight-it (дата обращения: 18.10.2020).

7. Weiwei Hu and Ying Tan. Generating adversarial malware examples for black-box attacks based on gan. arXiv preprint arXiv:1702.05983, 2017. Available at: https://arxiv.org/abs/1702.05983 (accessed 18.10.2020).

8. Adversarial Attacks in Machine Learning and How to Defend Against Them. Available at: https://towardsdatascience.com/adversarial-attacks-in-machine-learning-and-how-to-defend-against-them-a2beed95f49c (accessed 18.10.2020).

9. Zilong Lin, Yong Shi, and Zhi Xue. Idsgan: Generative adversarial networks for attack generation against intrusion detection. arXiv preprint arXiv:1809.02077, 2018. Available at: https://arxiv.org/abs/1809.02077 (accessed 18.10.2020).

10. Ian Goodfellow, Jean Pouget-Abadie, Mehdi Mirza, Bing Xu, David Warde-Farley. Generative adversarial nets. Advances in Neural Information Processing Systems, 2014. Available at: https://arxiv.org/abs/1406.2661 (accessed.10.2020).

11. Ming-Yu Liu, Xun Huang, Jiahui Yu, Ting-Chun Wang, Arun Mallya. Generative Adversarial Networks for Image and Video Synthesis: Algorithms and Applications, 2020. Available at: https://arxiv.org/abs/2008.02793 (accessed 18.10.2020).

12. Hu L., Zhang Z., Tang H., Xie, N. An improved intrusion detection framework based on artificial neural networks. In Proceedings of the 11th International Conference on Natural Computation, 2015. Available at: https://www.researchgate.net/publication/ 304289908_An_improved_intrusion_detection_framework_based_on_Artificial_Neural_Networks DOI: 10.1109/icnc.2015.7378148 (accessed 18.10.2020).

13. Davis J. J., Clark A. J. Data preprocessing for anomaly based network intrusion detection: A review. computers & security, 2011. Available at: https://www.researchgate.net/publication/234130888_Post_review_version DOI: 10.1016/j.cose.2011.05.008 (accessed 18.10.2020).

Sychugov Aleksei Alekseevich
Phd, Docent
Email: xru2003@list.ru

Scopus | eLibrary |

Tula State university

Tula, Russia

Grekov Mikhail Mikhailovich

Email: grekov.web@yandex.ru

Tula State university

Tula, Russia

Keywords: malware, anomaly detection systems, data imbalance, generative adversarial networks, machine learning

For citation: Sychugov A.A., Grekov M.M. Application of generative adversarial networks in anomaly detection systems. Modeling, Optimization and Information Technology. 2021;9(1). URL: https://moitvivt.ru/ru/journal/pdf?id=921 DOI: 10.26102/2310-6018/2021.32.1.003 (In Russ).

2054

Full text in PDF

Published 31.03.2021