IDR Logo

Please use this identifier to cite or link to this item:
Title: A context-aware robust intrusion detection system: a reinforcement learning-based approach
Authors: Sethi K.
Sai Rupesh E.
Kumar R.
Bera P.
Venu Madhav Y.
Keywords: Adversarial attack
Deep reinforcement learning (DRL) agent
Denoising autoencoder
Issue Date: 2019
Abstract: Detection and prevention of intrusions in enterprise networks and systems is an important, but challenging problem due to extensive growth and usage of networks that are constantly facing novel attacks. An intrusion detection system (IDS) monitors the network traffic and system-level applications to detect malicious activities in the network. However, most of the existing IDSs are incapable of providing higher accuracy and less false positive rate (FPR). Therefore, there is a need for adaptive techniques to detect network intrusions that maintain a balance between accuracy and FPR. In this paper, we present a context-adaptive IDS that uses multiple independent deep reinforcement learning agents distributed across the network for accurate detection and classification of new and complex attacks. We have done extensive experimentation using three benchmark datasets including NSL-KDD, UNSW-NB15 and AWID on our model that shows better accuracy and less FPR compared to the state-of-the-art systems. Further, we analysed the robustness of our model against adversarial attack and observed only a small decrease in accuracy as compared to the existing models. To further improve the robustness of the system, we implemented the concept of denoising autoencoder. Also, we have shown the usability of our system in real-life application with changes in the attack pattern. � 2019, Springer-Verlag GmbH Germany, part of Springer Nature.
Appears in Collections:Research Publications

Files in This Item:
There are no files associated with this item.

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.