Two Stage Anomaly Detection for Network Intrusion Detection

Publication from Digital, Policies
Forschungsgruppe Cyber Security and Defence

Helmut Neuschmied, Martin Winter, Katharina Hofer-Schmitz, Branka Stojanovic, Ulrike Kleb

Proceedings of the 7th International Conference on Information Systems Security and Privacy (ICISSP 2021), pages 450-457 DOI: 10.5220/0010233404500457, 2/2021


Network intrusion detection is one of the most import tasks in today’s cyber-security defence applications. Inthe field of unsupervised learning methods, variants of variational autoencoders promise good results. The factthat these methods are very computationally time-consuming is hardly considered in the literature. Therefore,we propose a new two-stage approach combining a fast preprocessing or filtering method with a variationalautoencoder using reconstruction probability. We investigate several types of anomaly detection methodsmainly based on autoencoders to select a pre-filtering method and to evaluate the performance of our concepton two well established datasets.

Keywords: Autoencoder, Deep Learning, Anomaly Detection, Network Intrusion Detection, Variational Autoencoder