SU-IDS: A Semi-supervised and Unsupervised Framework for Network Intrusion Detection

Network Intrusion Detection Systems (NIDSs) are increasingly crucial due to the expansion of computer networks. Detection techniques based on machine learning have attracted extensive attention for their capability to detect novel attacks. However, they require a large amount of labeled training data to train an effective model, which is difficult and expensive to obtain. To this effect, it is critically important to build models which can learn from unlabeled or partially-labeled data. In this paper, we propose an autoencoder-based framework, i.e., SU-IDS, for semi-supervised and unsupervised network intrusion detection. The framework augments the usual clustering (or classification) loss with an auxiliary loss of autoencoder, and thus achieves a better performance. The experimental results on the classic NSL-KDD dataset and the modern CICIDS2017 dataset show the superiority of our proposed models.