Deep learning (DL) has exhibited its exceptional performance in fields like intrusion detection. Various augmentation methods have been proposed to improve data quality and eventually to enhance the performance of DL models. However, the classic augmentation methods cannot be applied to those DL models which exploit the system-call sequences to detect intrusion. Previously, the seq2seq model has been explored to augment system-call sequences. Following this work, we propose a gated convolutional neural network (GCNN) model to thoroughly extract the potential information of augmented sequences. Also, in order to enhance the model’s robustness, we adopt adversarial training to reduce the impact of adversarial examples on the model. Adversarial examples used in adversarial training are generated by the proposed adversarial sequence generation algorithm. The experimental results on different verified models show that GCNN model can better obtain the potential information of the augmented data and achieve the best performance. Furthermore, GCNN with adversarial training can enhance robustness significantly.

中文翻译：

---

结合数据增强方法和门控卷积模型构建有效鲁棒的入侵检测

深度学习（DL）在入侵检测等领域表现出卓越的性能。已经提出了各种增强方法来提高数据质量并最终提高 DL 模型的性能。然而，经典的增强方法不能应用于那些利用系统调用序列来检测入侵的 DL 模型。之前，已经探索了 seq2seq 模型来增加系统调用序列。在这项工作之后，我们提出了一个门控卷积神经网络 (GCNN) 模型来彻底提取增强序列的潜在信息。此外，为了增强模型的鲁棒性，我们采用对抗训练来减少对抗样本对模型的影响。对抗性训练中使用的对抗性示例由所提出的对抗性序列生成算法生成。在不同验证模型上的实验结果表明，GCNN 模型可以更好地获取增强数据的潜在信息并达到最佳性能。此外，具有对抗性训练的 GCNN 可以显着增强鲁棒性。