Advertisement

GAN-based imbalanced data intrusion detection system

  • JooHwa Lee
  • KeeHyun ParkEmail author
Original Article

Abstract

According to the development of deep learning technologies, a wide variety of research is being performed to detect intrusion data by using vast amounts of data. Although deep learning performs more accurately than machine learning algorithms when learning large amounts of data, the performance declines significantly in the case of learning from imbalanced data. And, while there are many studies on imbalanced data, most have weaknesses that can result in data loss or overfitting. The purpose of this study is to solve data imbalance by using the Generative Adversarial Networks (GAN) model, which is an unsupervised learning method of deep learning which generates new virtual data similar to the existing data. It also proposed a model that would be classified as Random Forest to identify detection performance after addressing data imbalances based on a GAN. The results of the experiment showed that the performance of the model proposed in this paper was better than the model classified without addressing the imbalance of data. In addition, it was found that the performance of the model proposed in this paper was excellent when compared with other models that were previously used widely for the data imbalance problem.

Keywords

GAN IDS Imbalanced data Deep learning Resampling 

Notes

Funding information

This research was supported by the Basic Science Research Programs through the National Research Foundation of Korea (NRF), funded by the Ministry of Education, Science and Technology (No. NRF-2018R1D1A1B07043982)

References

  1. 1.
    Tsiropoulou EE, Baras JS, Papavassiliou S, Qu G (2016) On the mitigation of interference imposed by intruders in passive RFID networks. International Conference on Decision and Game Theory for Security, GameSec, vol 9996, pp 62–80zbMATHGoogle Scholar
  2. 2.
    Yan B, Han G (2018) Effective feature extraction via stacked sparse autoencoder to improve intrusion detection system. IEEE Access, IEEE, pp 41238–41248CrossRefGoogle Scholar
  3. 3.
    Su Y, Qi K, Di C, Ma Y, Li S (2018) Learning automata based feature selection for network traffic intrusion detection. 2018 IEEE Third International Conference on Data Science in Cyberspace, IEEE, pp 622–627Google Scholar
  4. 4.
    Bitaab M, Hashemi S (2017) Hybrid intrusion detection: combining decision tree and Gaussian mixture model. 2017 14th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC), IEEE, pp 8–12Google Scholar
  5. 5.
    Ebenuwa SH, Sharif MS, Alazab M, Al-Nemrat A (2019) Variance ranking attributes selection techniques for binary classification problem in imbalance data. IEEE Access, IEEE, pp 24649–24666CrossRefGoogle Scholar
  6. 6.
    Chawla NV, Bowyer KW, Hall LO, Kegelmeyer WP (2002) SMOTE: Synthetic minority over-sampling technique. J Artif Intell Res 16:321–357CrossRefGoogle Scholar
  7. 7.
    Zhu L, Chen Y, Ghamisi P, Benediktsson JA (2018) Generative adversarial networks for hyperspectral image classification. IEEE Trans Geosci Remote Sens, IEEE, pp 5046–5063CrossRefGoogle Scholar
  8. 8.
    Lin P, Ye K, Xu C-Z (2019) Dynamic network anomaly detection system by using deep learning techniques. In: International Conference on Cloud Computing. Springer, Berlin, pp 161–176Google Scholar
  9. 9.
    Ahmad I, Basheri M, Iqbal MJ, Rahim A (2018) Performance comparison of support vector machine, random forest, and extreme learning machine for intrusion detection. IEEE Access IEEE 6:33789–33795CrossRefGoogle Scholar
  10. 10.
    BogazZarpelão B, SanchesMiani R, ToshioKawakani C, Alvarenga SC (2017) A survey of intrusion detection in Internet of Things. J Netw Comput Appl ELSEVIER 84:25–37CrossRefGoogle Scholar
  11. 11.
    Hu J, Yang H, Lyu R, King I, So AM-C (2018) Online nonlinear AUC maximization for imbalanced datasets. IEEE Trans Neural Netw Learn Syst, IEEE, pp 882–895CrossRefGoogle Scholar
  12. 12.
    Yan Y, Liu R, Ding Z, Xiuquan D, Chen J, Zhang Y (2019) A parameter-free cleaning method for smote in imbalanced classification. IEEE Access, IEEE, Piscataway, pp 22537–23548Google Scholar
  13. 13.
    Yan B, Han G, Sun M, Ye S (2017) A novel region adaptive SMOTE algorithm for intrusion detection on imbalanced problem. In: Proc. of 3rd IEEE International Conference on Computer and Communications (ICCC)(2017). IEEE, Piscataway, pp 1281–1286Google Scholar
  14. 14.
    Sun Y, Liu F (2016) SMOTE-NCL: A re-sampling method with filter for network intrusion detection. Proc. of 2nd IEEE International Conference on Computer and Communications (ICCC), IEEE, pp 1157–1161.Google Scholar
  15. 15.
    Kim J-Y, Seok-Jun B, Cho S-B (2017) Malware detection using deep transferred generative adversarial networks. In: ICONIP: International Conference on Neural Information Processing Neural Information Processing. Springer, Berlin, pp 556–564Google Scholar
  16. 16.
    Sharafaldin I, Lashkari AH, Ghorbani AA (2019) Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: 4th International Conference on Information Systems Security and Privacy (ICISSP 2018). Scitepress, Setúbal, pp 108–116Google Scholar
  17. 17.
    Goodfellow IJ, Pouget-Abadie J, Mirza M, Xu B, Warde-Farley D, Ozair S, Courville A, Bengio Y (2014) Generative adversarial nets. Neural Information Processing Systems, NIPS, pp 2672–2680Google Scholar
  18. 18.
    Park K, Song Y, Cheong Y (2018) Classification of attack types for intrusion detection systems using a machine learning algorithm. In: IEEE Fourth International Conference on Big Data Computing Service and Applications. IEEE, Piscataway, pp 282–286Google Scholar
  19. 19.
    Confusion matrix, Available online: https://en.wikipedia.org/wiki/Confusion_matrix (12. 3. 2018)
  20. 20.
    Gey MBF (1994) The relationship between recall and precision. J Am Soc Inf Sci 45:12–19CrossRefGoogle Scholar
  21. 21.
    Abebe T, Lalitha Bhaskari D (2013) Intrusion detection using random forests classifier with SMOTE and feature reduction. In: International Conference on Cloud & Ubiquitous Computing & Emerging Technologies. IEEE, Piscataway, pp 127–132Google Scholar

Copyright information

© Springer-Verlag London Ltd., part of Springer Nature 2019

Authors and Affiliations

  1. 1.Department of Computer EngineeringKeimyung UniversityDaeguRepublic of Korea

Personalised recommendations