Current browse context:
cs.LG
Change to browse by:
References & Citations
Computer Science > Machine Learning
Title: ARCADE: Adversarially Regularized Convolutional Autoencoder for Network Anomaly Detection
(Submitted on 3 May 2022 (v1), revised 13 May 2022 (this version, v2), latest version 14 Dec 2022 (v3))
Abstract: As the number of heterogenous IP-connected devices and traffic volume increase, so does the potential for security breaches. The undetected exploitation of these breaches can bring severe cybersecurity and privacy risks. In this paper, we present a practical unsupervised anomaly-based deep learning detection system called ARCADE (Adversarially Regularized Convolutional Autoencoder for unsupervised network anomaly DEtection). ARCADE exploits the property of 1D Convolutional Neural Networks (CNNs) and Generative Adversarial Networks (GAN) to automatically build a profile of the normal traffic based on a subset of raw bytes of a few initial packets of network flows so that potential network anomalies and intrusions can be effectively detected before they could cause any more damage to the network. A convolutional Autoencoder (AE) is proposed that suits online detection in resource-constrained environments, and can be easily improved for environments with higher computational capabilities. An adversarial training strategy is proposed to regularize and decrease the AE's capabilities to reconstruct network flows that are out of the normal distribution, and thereby improve its anomaly detection capabilities. The proposed approach is more effective than existing state-of-the-art deep learning approaches for network anomaly detection and significantly reduces detection time. The evaluation results show that the proposed approach is suitable for anomaly detection on resource-constrained hardware platforms such as Raspberry Pi.
Submission history
From: Willian T. Lunardi [view email][v1] Tue, 3 May 2022 11:47:36 GMT (573kb,D)
[v2] Fri, 13 May 2022 10:33:05 GMT (573kb,D)
[v3] Wed, 14 Dec 2022 06:07:21 GMT (573kb,D)
Link back to: arXiv, form interface, contact.