Machine Learning (ML) algorithms are largely adopted in modern Network Intrusion Detection Systems (NIDS). The most recent researches propose the use of Graph Neural Networks (GNN) to improve the detection performance. Instead of analyzing each network flow independently, these novel algorithms operate over a graph representation of the data that can take into account the network topology. This paper presents a novel NIDS based on the Adversarially Regularized Graph Autoencoder (ARGA) algorithm. Unlike existing proposals, ARGA offers several advantages as it encodes both the topological information of the graph and the node features in a compact latent representation through an un-supervised autoencoder. Moreover, it derives robust embedding through an additional regularization phase based on adversarial training. We consider also two ARGA variants, namely ARVGA for variational autoencoder and ARVGA-AX for content information reconstruction. A large experimental campaign using two public datasets demonstrates that our proposals are able to outperform other state-of-the-art GNN-based algorithms that already provide good results for network intrusion detection.

ARGANIDS: A novel Network Intrusion Detection System based on adversarially Regularized Graph Autoencoder / Venturi, A.; Ferrari, M.; Marchetti, M.; Colajanni, M.. - (2023), pp. 1540-1548. (Intervento presentato al convegno 38th Annual ACM Symposium on Applied Computing, SAC 2023 tenutosi a Tallinn, ESTONIA nel MAR 27-31, 2023) [10.1145/3555776.3577651].

ARGANIDS: A novel Network Intrusion Detection System based on adversarially Regularized Graph Autoencoder

Venturi A.;Marchetti M.;Colajanni M.
2023

Abstract

Machine Learning (ML) algorithms are largely adopted in modern Network Intrusion Detection Systems (NIDS). The most recent researches propose the use of Graph Neural Networks (GNN) to improve the detection performance. Instead of analyzing each network flow independently, these novel algorithms operate over a graph representation of the data that can take into account the network topology. This paper presents a novel NIDS based on the Adversarially Regularized Graph Autoencoder (ARGA) algorithm. Unlike existing proposals, ARGA offers several advantages as it encodes both the topological information of the graph and the node features in a compact latent representation through an un-supervised autoencoder. Moreover, it derives robust embedding through an additional regularization phase based on adversarial training. We consider also two ARGA variants, namely ARVGA for variational autoencoder and ARVGA-AX for content information reconstruction. A large experimental campaign using two public datasets demonstrates that our proposals are able to outperform other state-of-the-art GNN-based algorithms that already provide good results for network intrusion detection.
2023
38th Annual ACM Symposium on Applied Computing, SAC 2023
Tallinn, ESTONIA
MAR 27-31, 2023
1540
1548
Venturi, A.; Ferrari, M.; Marchetti, M.; Colajanni, M.
ARGANIDS: A novel Network Intrusion Detection System based on adversarially Regularized Graph Autoencoder / Venturi, A.; Ferrari, M.; Marchetti, M.; Colajanni, M.. - (2023), pp. 1540-1548. (Intervento presentato al convegno 38th Annual ACM Symposium on Applied Computing, SAC 2023 tenutosi a Tallinn, ESTONIA nel MAR 27-31, 2023) [10.1145/3555776.3577651].
File in questo prodotto:
File Dimensione Formato  
3555776.3577651.pdf

Accesso riservato

Tipologia: Versione pubblicata dall'editore
Dimensione 1.69 MB
Formato Adobe PDF
1.69 MB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

Licenza Creative Commons
I metadati presenti in IRIS UNIMORE sono rilasciati con licenza Creative Commons CC0 1.0 Universal, mentre i file delle pubblicazioni sono rilasciati con licenza Attribuzione 4.0 Internazionale (CC BY 4.0), salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11380/1311146
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 6
  • ???jsp.display-item.citation.isi??? 3
social impact