Machine Learning (ML) algorithms are largely adopted in modern Network Intrusion Detection Systems (NIDS). The most recent researches propose the use of Graph Neural Networks (GNN) to improve the detection performance. Instead of analyzing each network flow independently, these novel algorithms operate over a graph representation of the data that can take into account the network topology. This paper presents a novel NIDS based on the Adversarially Regularized Graph Autoencoder (ARGA) algorithm. Unlike existing proposals, ARGA offers several advantages as it encodes both the topological information of the graph and the node features in a compact latent representation through an un-supervised autoencoder. Moreover, it derives robust embedding through an additional regularization phase based on adversarial training. We consider also two ARGA variants, namely ARVGA for variational autoencoder and ARVGA-AX for content information reconstruction. A large experimental campaign using two public datasets demonstrates that our proposals are able to outperform other state-of-the-art GNN-based algorithms that already provide good results for network intrusion detection.

ARGANIDS: A novel Network Intrusion Detection System based on adversarially Regularized Graph Autoencoder / Venturi, A.; Ferrari, M.; Marchetti, M.; Colajanni, M.. - (2023), pp. 1540-1548. (Intervento presentato al convegno 38th Annual ACM Symposium on Applied Computing, SAC 2023 tenutosi a est nel 2023) [10.1145/3555776.3577651].

ARGANIDS: A novel Network Intrusion Detection System based on adversarially Regularized Graph Autoencoder

Venturi A.;Marchetti M.;Colajanni M.
2023

Abstract

Machine Learning (ML) algorithms are largely adopted in modern Network Intrusion Detection Systems (NIDS). The most recent researches propose the use of Graph Neural Networks (GNN) to improve the detection performance. Instead of analyzing each network flow independently, these novel algorithms operate over a graph representation of the data that can take into account the network topology. This paper presents a novel NIDS based on the Adversarially Regularized Graph Autoencoder (ARGA) algorithm. Unlike existing proposals, ARGA offers several advantages as it encodes both the topological information of the graph and the node features in a compact latent representation through an un-supervised autoencoder. Moreover, it derives robust embedding through an additional regularization phase based on adversarial training. We consider also two ARGA variants, namely ARVGA for variational autoencoder and ARVGA-AX for content information reconstruction. A large experimental campaign using two public datasets demonstrates that our proposals are able to outperform other state-of-the-art GNN-based algorithms that already provide good results for network intrusion detection.
2023
38th Annual ACM Symposium on Applied Computing, SAC 2023
est
2023
1540
1548
Venturi, A.; Ferrari, M.; Marchetti, M.; Colajanni, M.
ARGANIDS: A novel Network Intrusion Detection System based on adversarially Regularized Graph Autoencoder / Venturi, A.; Ferrari, M.; Marchetti, M.; Colajanni, M.. - (2023), pp. 1540-1548. (Intervento presentato al convegno 38th Annual ACM Symposium on Applied Computing, SAC 2023 tenutosi a est nel 2023) [10.1145/3555776.3577651].
File in questo prodotto:
File Dimensione Formato  
ACM_SECSAC_ARGANIDS_cameraready-2.pdf

Accesso riservato

Descrizione: Camera-ready
Tipologia: Versione dell'autore revisionata e accettata per la pubblicazione
Dimensione 895.2 kB
Formato Adobe PDF
895.2 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

Licenza Creative Commons
I metadati presenti in IRIS UNIMORE sono rilasciati con licenza Creative Commons CC0 1.0 Universal, mentre i file delle pubblicazioni sono rilasciati con licenza Attribuzione 4.0 Internazionale (CC BY 4.0), salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11380/1311146
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? ND
social impact