An Autonomous Intrusion Detection System Using an Ensemble of Advanced Learners

An intrusion detection system (IDS) is a vital security component of modern computer networks. With the increasing amount of sensitive services that use computer network-based infrastructures, IDSs need to be more intelligent and autonomous. Aside from autonomy, another important feature for an IDS is its ability to detect zero-day attacks. To address these issues, in this paper, we propose an IDS which reduces the amount of manual interaction and needed expert knowledge and is able to yield acceptable performance under zero-day attacks. Our approach is to use three learning techniques in parallel: gated recurrent unit (GRU), convolutional neural network as deep techniques and random forest as an ensemble technique. These systems are trained in parallel and the results are combined under two logics: majority vote and "OR" logic. We use the NSL-KDD dataset to verify the proficiency of our proposed system. Simulation results show that the system has the potential to operate with a very low technician interaction under the zero-day attacks. We achieved 87:28% accuracy on the NSL-KDD's "KDDTest+" dataset and 76:61% accuracy on the challenging "KDDTest-21" with lower training time and lower needed computational resources.Comment: 5 page

Enhancing DDoS Attack Detection in SDNs with GAN-Based Imbalanced Data Augmentation

Securing computer networks has become crucial due to the ongoing emergence of diverse network attacks. The popularity of Software Defined Networks (SDN) has risen because of its ability to enhance network agility, efficiency, and adaptability to recent networking challenges. However, it is essential to note that SDNs, which depend on centralized controllers, can be severely affected by Distributed Denial of Service (DDoS) attacks. The threat of DDoS attacks has grown exponentially, resulting in the evolution of robust Machine Learning-based DDoS attack detection systems within SDN. DDoS attack detection systems may deliver poor performance when trained on imbalanced datasets. Traditional techniques for handling imbalanced datasets need to be revised. Recent advances in generative adversarial networks (GANs) have revealed significant potential in generating synthetic data while preserving the probability distribution of the original data. This innovative procedure offers a promising solution to mitigate the challenges of imbalanced data in DDoS attack detection. To address challenges originating from imbalanced training datasets, we employed Generative Adversarial models to generate adversarial attacks from one viewpoint and evaluate their quality from another perspective. We chose Generative Adversarial Networks (GANs), Bidirectional GANs (Bi-GANs), and Wasserstein GANs (WGANs) based on extensive usage and reliability criteria in various domains. We conducted a comprehensive assessment to evaluate their effectiveness and resilience in generating high-quality attacks. It helps to develop, train, and fine-tune machine and deep learning models to estimate their impacts. We utilized NSL-KDD and CICIDS-2017 datasets to ensure generalization, implementing both ML and DL approaches. The outcomes demonstrate that the WGAN model outperformed GAN, Bi-GAN, and the models trained on the original imbalanced dataset and traditional sampling techniques in binary and multiclass classifications for both datasets

FaultFace: Deep Convolutional Generative Adversarial Network (DCGAN) based Ball-Bearing Failure Detection Method

Failure detection is employed in the industry to improve system performance and reduce costs due to unexpected malfunction events. So, a good dataset of the system is desirable for designing an automated failure detection system. However, industrial process datasets are unbalanced and contain little information about failure behavior due to the uniqueness of these events and the high cost for running the system just to get information about the undesired behaviors. For this reason, performing correct training and validation of automated failure detection methods is challenging. This paper proposes a methodology called FaultFace for failure detection on Ball-Bearing joints for rotational shafts using deep learning techniques to create balanced datasets. The FaultFace methodology uses 2D representations of vibration signals denominated faceportraits obtained by time-frequency transformation techniques. From the obtained faceportraits, a Deep Convolutional Generative Adversarial Network is employed to produce new faceportraits of the nominal and failure behaviors to get a balanced dataset. A Convolutional Neural Network is trained for fault detection employing the balanced dataset. The FaultFace methodology is compared with other deep learning techniques to evaluate its performance in for fault detection with unbalanced datasets. Obtained results show that FaultFace methodology has a good performance for failure detection for unbalanced datasets