pith. sign in

arxiv: 1802.09089 · v2 · pith:BZ54C2UFnew · submitted 2018-02-25 · 💻 cs.CR · cs.AI· cs.LG

Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection

classification 💻 cs.CR cs.AIcs.LG
keywords networkkitsuneneuralnidsattacksnetworkspatternstraffic
0
0 comments X
read the original abstract

Neural networks have become an increasingly popular solution for network intrusion detection systems (NIDS). Their capability of learning complex patterns and behaviors make them a suitable solution for differentiating between normal traffic and network attacks. However, a drawback of neural networks is the amount of resources needed to train them. Many network gateways and routers devices, which could potentially host an NIDS, simply do not have the memory or processing power to train and sometimes even execute such models. More importantly, the existing neural network solutions are trained in a supervised manner. Meaning that an expert must label the network traffic and update the model manually from time to time. In this paper, we present Kitsune: a plug and play NIDS which can learn to detect attacks on the local network, without supervision, and in an efficient online manner. Kitsune's core algorithm (KitNET) uses an ensemble of neural networks called autoencoders to collectively differentiate between normal and abnormal traffic patterns. KitNET is supported by a feature extraction framework which efficiently tracks the patterns of every network channel. Our evaluations show that Kitsune can detect various attacks with a performance comparable to offline anomaly detectors, even on a Raspberry PI. This demonstrates that Kitsune can be a practical and economic NIDS.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 7 Pith papers

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Detecting Adversarial Evasion Attacks Against Autoencoder-Based Network Intrusion Detection Systems

    cs.CR 2026-07 unverdicted novelty 7.0

    Two detectors achieve near-perfect accuracy detecting PANDA-style adversarial attacks on autoencoder NIDS using image-space error localization and packet-feature consistency checks on IoT traffic.

  2. PLAA: Packet-level Adversarial Attacks in Network Traffic Detection

    cs.CR 2026-06 unverdicted novelty 6.0

    PLAA incrementally generates packet-level features for adversarial traffic in NIDS, monitoring semantic integrity at each step and reporting 92.78% average evasion success on three public datasets.

  3. Chimera: Neuro-Symbolic Attention Primitives for Trustworthy Dataplane Intelligence

    cs.NI 2026-02 unverdicted novelty 6.0

    Chimera combines kernelized attention approximations with symbolic fusion mechanisms to enable high-fidelity neuro-symbolic inference inside commodity programmable switches.

  4. Online Distributional Prediction via Latent Cluster Geometry Under Drift and Corruption

    cs.LG 2026-06 unverdicted novelty 5.0

    A latent-cluster quasi-Bayesian method with restarted updates yields sublinear cumulative Wasserstein-1 regret for online distributional prediction under drift and adversarial corruption.

  5. UniAlign: A Model-Agnostic Framework for Robust Network Traffic Classification under Distribution Shifts

    cs.LG 2026-05 unverdicted novelty 5.0

    UniAlign improves robustness of deep learning NTC models under distribution shifts via domain alignment fine-tuning and stable ensembling, yielding 2.51% accuracy and 2.71% F1 gains over standard training on three pub...

  6. LanG -- A Governance-Aware Agentic AI Platform for Unified Security Operations

    cs.CR 2026-04 unverdicted novelty 5.0

    LanG presents a governance-aware agentic AI platform for unified security operations that reports strong performance on incident correlation, rule generation, attack reconstruction, and AI safety guardrails in an open...

  7. Generative AI and Federated Learning for Intrusion Detection Systems: A Survey

    cs.CR 2026-07 unverdicted novelty 2.0

    A structured literature survey categorizing generative AI (autoencoders, GANs, diffusion models, LLMs) and federated learning uses in IDS, covering tasks like synthetic data generation and anomaly detection plus open ...