Exploring Hidden Anomalies in UGR’16 Network Dataset with Kitsune

Abstract

Given the significant increase in cyberattacks and attempts to gain unauthorized access to systems and information, Network Intrusion Detection Systems (NIDS) have become essential tools for detecting them. Anomaly-based systems apply machine learning techniques with the goal of distinguishing between normal and abnormal traffic. To this end, they use previously labeled training datasets, which allow them to learn how to detect anomalies in future data. This work tests Kitsune, one of the state-of-the-art NIDS, which is based on an ensemble of autoencoders. To do so, four experimental scenarios have been implemented using the UGR’16 dataset. The results obtained not only validate Kitsune as a reliable reference anomaly detector, although it is very sensitive to poisoned data, but also reveal new and potential anomalous behaviors that have not been identified to date.

Publication
In Flexible Query Answering Systems 2023
Rafael A. Rodríguez-Gómez
Assistant Professor

My research interests include network security, the early detection of new threats and adversarial machine learning attacks/defense methods in the cybersecurity field.