ADVERSARIAL TRAFFIC GENERATION FOR IDS EVASION: A COMPARATIVE STUDY OF AIDAE AND SGAN-BASED APPROACHES
Keywords:
Intrusion Detection Systems, Adversarial Attacks, Generative Adversarial Networks, AIDAE, SGAN-IDS, Self-Attention Mechanism, Machine Learning Security, NSL-KDD Dataset, Cybersecurity, Random ForestAbstract
Machine learning-based Intrusion Detection Systems (IDS) have become essential com- ponents of modern cybersecurity infrastructure yet remain vulnerable to adversarial attacks that can compromise their effectiveness. This research presents a comprehensive compara- tive analysis of two state-of-the-art adversarial generation frameworks: Anti-Intrusion De- tection Autoencoder (AIDAE) and Self-Attention Generative Adversarial Network for IDS (SGAN-IDS). Traditional IDS approaches, including signature-based and anomaly-based methods, suffer from significant limitations such as inability to detect zero-day attacks and high false alarm rates. While machine learning-based IDS have addressed some of these shortcomings, they remain susceptible to carefully crafted adversarial examples that can evade detection. This study establishes a uniform experimental framework to systemati- cally evaluate and compare the adversarial effectiveness of AIDAE and SGAN-IDS under identical conditions. Both methods are tested against a Random Forest classifier using the NSL-KDD dataset, enabling direct comparison of their adversarial generation capabilities, training dynamics, and attack strategies. AIDAE combines autoencoder reconstruction with GAN-based adversarial training to generate semantically consistent adversarial sam- ples, while SGAN-IDS leverages self-attention mechanisms to capture long-range depen- dencies and produce globally consistent adversarial traffic. Through quantitative evaluation metrics including accuracy degradation, fooling rate, and confusion matrix analysis, this research provides critical insights into the strengths, weaknesses, and trade-offs of each approach. The findings reveal fundamental vulnerabilities in machine learning-based IDS and highlight the urgent need for adversarial-robust architectures. This study establishes important benchmarks for adversarial traffic generation and contributes to the development of more resilient intrusion detection systems capable of defending against sophisticated at- tacks.
