VAEMax: Open-Set Intrusion Detection based on OpenMax and Variational Autoencoder
arxiv(2024)
摘要
Promptly discovering unknown network attacks is critical for reducing the
risk of major loss imposed on system or equipment. This paper aims to develop
an open-set intrusion detection model to classify known attacks as well as
inferring unknown ones. To achieve this, we employ OpenMax and variational
autoencoder to propose a dual detection model, VAEMax. First, we extract flow
payload feature based on one-dimensional convolutional neural network. Then,
the OpenMax is used to classify flows, during which some unknown attacks can be
detected, while the rest are misclassified into a certain class of known flows.
Finally, use VAE to perform secondary detection on each class of flows, and
determine whether the flow is an unknown attack based on the reconstruction
loss. Experiments performed on dataset CIC-IDS2017 and CSE-CIC-IDS2018 show our
approach is better than baseline models and can be effectively applied to
realistic network environments.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要