Network intrusion detection method based on CAE-TCGAN combined with feature extraction
摘要
In order to solve the problem of low minority class detection rate due to data imbalance in Network Intrusion Detection Systems (NIDS), a Convolutional Autoencoder-Temporal Conditional Generative Adversarial Network (CAE-TCGAN) framework is proposed. The traditional Conditional Generation Adversarial Network (CGAN) is difficult to effectively capture the complex spatiotemporal features and data distribution characteristics when generating network traffic data, and generates samples with low quality, thus limiting the overall detection performance. CAE-TCGAN fuses CGAN, Convolutional Autoencoder (CAE) and Long Short-Term Memory (LSTM) networks to construct a structure that contains convolutional encoding, deconvolutional decoding and temporal discrimination. Among them, the CAE-based generator enhances spatial feature extraction through the convolutional structure and optimises the loss function using the Mean Square Error (MSE) to further improve the data distribution modelling accuracy, while the LSTM-based discriminator strengthens the model’s discriminative ability for temporal features. In addition, the multi-scale fusion of spatiotemporal features is achieved by combining the Convolutional Neural Network-Bidirectional LSTM (CNN-BiLSTM) feature extraction model. The experimental results show that after balancing the datasets using CAE-TCGAN, the accuracy of datasets NSL-KDD and JQYH2024 reaches 97.56% and 99.03%, respectively, and improves the F1-scores of the minority classes U2R and php-injection by 56% and 51.43%, respectively, which effectively mitigates data imbalance and significantly improves the NIDS performance.