loading page

Empirical Evaluation of Autoencoder Models for Anomaly Detection in Packet-based NIDS
  • +3
  • Soumyadeep Hore ,
  • Quoc Nguyen ,
  • Yulun Xu ,
  • Ankit Shah ,
  • Nathaniel Bastian ,
  • Trung Le
Soumyadeep Hore
Author Profile
Quoc Nguyen
Author Profile
Ankit Shah
University of South Florida

Corresponding Author:[email protected]

Author Profile
Nathaniel Bastian
Author Profile

Abstract

Packet-based network intrusion detection systems (NIDS) allow for real-time detection, making this research area crucial. This study compares autoencoder models for anomaly detection in packet-based NIDS. It presents a framework for implementing an autoencoder-based NIDS using packet data. A novel metric for reconstruction error in autoencoders is introduced. This metric is evaluated at different thresholds to compare how accurately it detects network traffic anomalies. The efficacy of autoencoder models is showcased across various network attacks and adversarial samples from public network intrusion data sets. This analysis emphasizes the strengths and limitations of different autoencoders for detecting anomalies in network traffic. The insights from this study provide valuable guidance to researchers and practitioners developing autoencoder-based network intrusion detection mechanisms.