Open Access iconOpen Access

ARTICLE

crossmark

XA-GANomaly: An Explainable Adaptive Semi-Supervised Learning Method for Intrusion Detection Using GANomaly

by Yuna Han1, Hangbae Chang2,*

1 Department of Security Convergence, Graduate School, Chung-Ang University, Seoul, 06974, Korea
2 Department of Industrial Security, Chung-Ang University, Seoul, 06974, Korea

* Corresponding Author: Hangbae Chang. Email: email

(This article belongs to the Special Issue: Advances in Information Security Application)

Computers, Materials & Continua 2023, 76(1), 221-237. https://doi.org/10.32604/cmc.2023.039463

Abstract

Intrusion detection involves identifying unauthorized network activity and recognizing whether the data constitute an abnormal network transmission. Recent research has focused on using semi-supervised learning mechanisms to identify abnormal network traffic to deal with labeled and unlabeled data in the industry. However, real-time training and classifying network traffic pose challenges, as they can lead to the degradation of the overall dataset and difficulties preventing attacks. Additionally, existing semi-supervised learning research might need to analyze the experimental results comprehensively. This paper proposes XA-GANomaly, a novel technique for explainable adaptive semi-supervised learning using GANomaly, an image anomalous detection model that dynamically trains small subsets to these issues. First, this research introduces a deep neural network (DNN)-based GANomaly for semi-supervised learning. Second, this paper presents the proposed adaptive algorithm for the DNN-based GANomaly, which is validated with four subsets of the adaptive dataset. Finally, this study demonstrates a monitoring system that incorporates three explainable techniques—Shapley additive explanations, reconstruction error visualization, and t-distributed stochastic neighbor embedding—to respond effectively to attacks on traffic data at each feature engineering stage, semi-supervised learning, and adaptive learning. Compared to other single-class classification techniques, the proposed DNN-based GANomaly achieves higher scores for Network Security Laboratory-Knowledge Discovery in Databases and UNSW-NB15 datasets at 13% and 8% of F1 scores and 4.17% and 11.51% for accuracy, respectively. Furthermore, experiments of the proposed adaptive learning reveal mostly improved results over the initial values. An analysis and monitoring system based on the combination of the three explainable methodologies is also described. Thus, the proposed method has the potential advantages to be applied in practical industry, and future research will explore handling unbalanced real-time datasets in various scenarios.

Keywords


Cite This Article

APA Style
Han, Y., Chang, H. (2023). Xa-ganomaly: an explainable adaptive semi-supervised learning method for intrusion detection using ganomaly. Computers, Materials & Continua, 76(1), 221-237. https://doi.org/10.32604/cmc.2023.039463
Vancouver Style
Han Y, Chang H. Xa-ganomaly: an explainable adaptive semi-supervised learning method for intrusion detection using ganomaly. Comput Mater Contin. 2023;76(1):221-237 https://doi.org/10.32604/cmc.2023.039463
IEEE Style
Y. Han and H. Chang, “XA-GANomaly: An Explainable Adaptive Semi-Supervised Learning Method for Intrusion Detection Using GANomaly,” Comput. Mater. Contin., vol. 76, no. 1, pp. 221-237, 2023. https://doi.org/10.32604/cmc.2023.039463



cc Copyright © 2023 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 1432

    View

  • 623

    Download

  • 13

    Like

Share Link