Flow-based Network Traffic Generation using Generative Adversarial Networks.

, , , and . Computing Research Repository CoRR, (2018)


Flow-based data sets are necessary for evaluating network-based intrusion de- tection systems (NIDS). In this work, we propose a novel methodology for gener- ating realistic flow-based network traffic. Our approach is based on Generative Adversarial Networks (GANs) which achieve good results for image generation. A major challenge lies in the fact that GANs can only process continuous at- tributes. However, flow-based data inevitably contain categorical attributes such as IP addresses or port numbers. Therefore, we propose three different preprocessing approaches for flow-based data in order to transform them into continuous values. Further, we present a new method for evaluating the gener- ated flow-based network traffic which uses domain knowledge to define quality tests. We use the three approaches for generating flow-based network traffic based on the CIDDS-001 data set. Experiments indicate that two of the three approaches are able to generate high quality data.

Links and resources



  • @markus0412
  • @hotho
  • @dblp
  • @dmir
  • @baywiss1
@baywiss1's tags highlighted