Proceedings of the XXth Conference of Open Innovations Association FRUCT (Nov 2024)
Automated Detection of Cybersecurity Threats Using Generative Adversarial Networks (GANs)
Abstract
Introduction: Traditional network intrusion detection systems (NIDS) face significant challenges in detecting ever-evolving cyber-threats. As cyber-attacks evolve, there is a mounting need for predictive methods capable of identifying both familiar and unknown threats with an effective level of accuracy. Objective: This study applies Generative Adversarial Network (GAN) technology to NIDS for synthetic data generation: the GAN generates high-quality fake samples, which are expected to greatly increase the accuracy of the NIDS and decrease false positives. In this paper, we aim to evaluate the performance of GAN-boosted NIDS under different conditions, such as novel, obfuscated and adversarial attacks. Methods: A GAN was developed and trained on large datasets such as UNSW-NB15 and CICIDS2017 using the proposed methodology. The performance of the GAN model was compared with classical machine learning models, namely Support Vector Machines (SVM) and Random Forests (RF), using evaluation metrics such as detection accuracy, false positive rate, and robustness to attacks. Furthermore, expert interviews were included to capture the qualitative aspects of how practitioners felt about deploying GAN-enhanced NIDS in practice. Results: Along with enhancing detection capabilities, the study also explores the computational and operational effects of incorporating GANs into existing cybersecurity systems. Findings indicate that the GAN-based system raises detection accuracy to 95.8% and reduces the false positive rate to 2.4%. We additionally discuss the execution of these systems, the necessary deployment process, and the trade-offs between computing cost and real-time performance, and offer guidance for maximizing resource utilization. The system showed improved performance in detecting novel and obfuscated attacks, with an accuracy of 88.2%.
It also showed resistance to adversarial attacks, keeping detection rates above 90% for various attack vectors. Conclusions: The results indicate that GANs are a promising way to improve NIDS by increasing their detection accuracy and robustness. Nonetheless, further research and development are required to ensure that GANs meet practical requirements, given the high computational demands and integration challenges associated with implementation.
Keywords