Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection

@article{Mirsky2018KitsuneAE,
  title={Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection},
  author={Yisroel Mirsky and Tomer Doitshman and Yuval Elovici and Asaf Shabtai},
  journal={ArXiv},
  year={2018},
  volume={abs/1802.09089}
}
Neural networks have become an increasingly popular solution for network intrusion detection systems (NIDS. [...] Key Method Kitsune's core algorithm (KitNET) uses an ensemble of neural networks called autoencoders to collectively differentiate between normal and abnormal traffic patterns. KitNET is supported by a feature extraction framework which efficiently tracks the patterns of every network channel. Our evaluations show that Kitsune can detect various attacks with a performance comparable to offline…Expand
Griffin: An Ensemble of AutoEncoders for Anomaly Traffic Detection in SDN
TLDR
Griffin is proposed, a per-packet anomaly detection system that can dynamically update the training model based on neural networks that is executed in SDN environment, utilizing a novel ensemble of autoencoders to collectively filter out abnormal traffic from normal traffic.
Intrusion Detection and Classification with Autoencoded Deep Neural Network
TLDR
This paper has applied a deep autoencoded dense neural network algorithm for detecting intrusion or attacks in network connection and evaluated the algorithm with the benchmark NSL-KDD dataset and showed an excellent performance.
Analysis of Autoencoders for Network Intrusion Detection †
TLDR
The results indicate that the latent size of an autoencoder model can have a significant impact on the IDS performance, and rigorously study autoencoders using the benchmark datasets, NSL-KDD, IoTID20, and N-BaIoT.
Leaky Training: A Robustness Improvement Scheme for Autoencoder Based Network Intrusion Detection System under Online Learning
TLDR
This article proposes a novel idea to improve the training process of autoencoder based NIDS under online learning by randomly throwing away a part of the data that is about to enter training.
An efficient deep learning model for intrusion classification and prediction in 5G and IoT networks
TLDR
A deep autoencoded dense neural network algorithm for detecting intrusion or attacks in 5G and IoT network shows an excellent performance with an overall detection accuracy of 99.9% for Flooding, Impersonation and Injection type of attacks.
Netspot: a simple Intrusion Detection System with statistical learning
TLDR
netspot is a very simple network intrusion detection system (NIDS) powered by SPOT, a recent streaming statistical anomaly detector that is able to detect realworld cyber-attacks, making it a credible practical anomaly-based NIDS.
Unsupervised learning approach for network intrusion detection system using autoencoders
TLDR
This study developed a network intrusion detection system using an unsupervised learning algorithm autoencoder and verified its performance, showing an accuracy of 91.70%, which outperforms previous studies that achieved 80% accuracy using cluster analysis algorithms.
Adaptive ensembles of autoencoders for unsupervised IoT network intrusion detection
TLDR
Four methods to reduce the ensemble complexity through adaptive de-activations of autoencoders are proposed and investigated to enable scalable and efficient intrusion detection systems or services that could be deployed on-device or on-edge.
Autoencoders: A Low Cost Anomaly Detection Method for Computer Network Data Streams
TLDR
This paper aims to answer the question if autoencoders, a type of semi-supervised feedforward neural network, can provide a low cost anomaly detector method for computer network data streams, and evaluated online with the KDD'99 and UNSW-NB15 data sets.
Ensemble Learning based Network Anomaly Detection using Clustered Generalization of the Features
Due to the extraordinary volume of business information, classy cyber-attacks pointing the networks of all enterprise have become more casual, with intruders trying to pierce vast into and grasp
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 50 REFERENCES
A Deep Learning Approach for Network Intrusion Detection System
TLDR
Self-taught Learning (STL), a deep learning based technique, is used on NSL-KDD - a benchmark dataset for network security breaches and the performance of this approach is presented and compared with a few previous work.
An Enhanced Resilient Backpropagation Artificial Neural Network for Intrusion Detection System
TLDR
A multilayer perceptron is trained using an enhanced resilient backpropagation training algorithm for intrusion detection using an optimal or ideal learning factor added to the weight update equation in order to increase the convergence speed.
A hybrid machine learning approach to network anomaly detection
TLDR
A new SVM approach is proposed, named Enhanced SVM, which combines these two methods in order to provide unsupervised learning and low false alarm capability, similar to that of a supervised S VM approach.
Novel intrusion detection system integrating layered framework with neural network
  • N. Srivastav, R. Challa
  • Computer Science
    2013 3rd IEEE International Advance Computing Conference (IACC)
  • 2013
TLDR
This paper presents layered framework integrated with neural network to build an effective intrusion detection system that has high attack detection accuracy and less false alarm rate.
A machine learning framework for network anomaly detection using SVM and GA
TLDR
This paper focuses on machine learning techniques for detecting attacks from Internet anomalies and proposes a machine learning framework that outperforms currently employed real-world NIDS.
Intrusion detection using hierarchical neural networks
TLDR
Two hierarchical IDS frameworks using Radial Basis Functions (RBF) are proposed and can detect network intrusions in real-time, train new classifiers for novel intrusions automatically, and modify their structures adaptively after new classifier are trained.
Anomaly-based network intrusion detection : Techniques , systems and challenges
The Internet and computer networks are exposed to an increasing number of security threats. With new types of attacks appearing continually, developing flexible and adaptive security oriented
Anomaly-based network intrusion detection: Techniques, systems and challenges
TLDR
The main challenges to be dealt with for the wide scale deployment of anomaly-based intrusion detectors, with special emphasis on assessment issues are outlined.
A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection
Cyber security is that the body of technologies, processes and practices designed to safeguard networks, computers, programs and knowledge from attack, harm or unauthorized access. During a computing
Anomalous Payload-Based Network Intrusion Detection
TLDR
A payload-based anomaly detector, called PAYL, for intrusion detection that demonstrates the surprising effectiveness of the method on the 1999 DARPA IDS dataset and a live dataset the authors collected on the Columbia CS department network.
...
1
2
3
4
5
...