Dual-GAN Framework for Adversarial Robust Intrusion Detection Systems

Section: Articles
Issue
Vol. 20 No. 1 (2026): Vol. 20 No. 1 (2026): Volume 20 Issue 1
Pages
41-52

Keywords:

Intrusion Detection Systems, Generative Adversarial Networks, Adversarial Machine Learning, Data Augmentation, Network Security

Abstract

The importance of intrusion detection systems (IDSs) is part of existing cybersecurity facilities. However, existing machine learning-based IDSs are vulnerable to adversarial attacks and evasion techniques. Generative adversarial networks (GANs) have demonstrated the possibility of using synthetic data augmentation to address the problem of imbalance in network security datasets. Nevertheless, current methods examine performance using clean datasets without considering resilience to adversarial corruption. In this study, a framework of dual GAN (DGF) is proposed, in which one of the GANs produces data to augment the data with synthetic pairs of data, and the other GAN generates adversarial instances to improve the robustness of the model in the training process. The synthesis of synthetic data and the adversarial robustness of intrusion detection have been under-researched. The proposed framework focuses on this aspect. The experimental results on the NSL-KDD benchmark dataset indicate that DGF decreases the false-negative rates by an absolute percentage of 1.11 points (11.11% on clean data and 10.00% on evasion conditions in its own standings, and its relative performance is decreased by 41.5 %–46.0% on augmentation-only baselines. The accuracy of the framework in detecting clean data reached 92.44%, and under adversarial conditions, 92.13% (only 0.31 percentage points decreased). This is better than the existing procedures, which have a reduction in accuracy of over 30% in the case of the same perturbations. These findings reveal how dual-purpose GAN architectures can be useful in designing IDSs that work in adversarial network settings.

References

  1. M. A. Ferrag, L. Maglaras, S. Moschoyiannis, and H. Janicke, “Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study,” J. Inf. Secur. Appl., vol. 50, p. 102419, 2020, doi: 10.1016/j.jisa.2019.102419.
  2. N. Moustafa, J. Hu, and J. Slay, “A holistic review of Network Anomaly Detection Systems: A comprehensive survey,” J. Netw. Comput. Appl., vol. 128, pp. 33–55, Feb. 2019, doi: 10.1016/j.jnca.2018.12.006.
  3. Fawaz M. M. Mokbal, Wang Dan, Wang Xiaoxi, and Fu Lin, “Data augmentation-based conditional Wasserstein generative adversarial network-gradient penalty for XSS attack detection system,” PeerJ Comput. Sci., vol. 6, Dec. 2020, doi: 10.7717/peerj-cs.328.
  4. S. Huang and K. Lei, “IGAN-IDS: An imbalanced generative adversarial network towards intrusion detection system in ad-hoc networks,” Ad Hoc Netw., vol. 105, p. 102177, 2020, doi: 10.1016/j.adhoc.2020.102177.
  5. Z. Wang, “Deep Learning Based Intrusion Detection With Adversaries,” IEEE Access Pract. Innov. Open Solut., vol. 6, 2018, doi: 10.1109/access.2018.2854599.
  6. K. He, D. D. Kim, and M. R. Asghar, “Adversarial Machine Learning for Network Intrusion Detection Systems: A Comprehensive Survey,” IEEE Commun. Surv. Tutor., vol. 25, no. 1, pp. 538–566, 2023, doi: 10.1109/COMST.2022.3233793.
  7. A. Alotaibi and M. A. Rassam, “Adversarial machine learning attacks against intrusion detection systems: A survey on strategies and defense,” Future Internet, vol. 15, no. 2, p. 62, 2023, doi: 10.3390/fi15020062.
  8. Z. Lin, Y. Shi, and Z. Xue, “IDSGAN: Generative Adversarial Networks for Attack Generation Against Intrusion Detection,” Springer Nat. Link, vol. 13282, pp. 79–91, 2022, doi: 10.1007/978-3-031-05981-0_7.
  9. C. Klinkhamhom, P. Boonyopakorn, and P. Wuttidittachotti, “MIDS-GAN: Minority Intrusion Data Synthesizer GAN—An ACON Activated Conditional GAN for Minority Intrusion Detection,” vol. 13, no. 21, p. 3391, 2025, doi: 10.3390/math13213391.
  10. Y. Liu et al., “Deep Anomaly Detection for Time-Series Data in Industrial IoT: A Communication-Efficient On-Device Federated Learning Approach,” IEEE Internet Things J., vol. 8, no. 8, pp. 6348–6358, Apr. 2021, doi: 10.1109/JIOT.2020.3011726.
  11. M. Ring, S. Wunderlich, D. Scheuring, D. Landes, and A. Hotho, “A survey of network-based intrusion detection data sets,” Comput. Secur., vol. 86, pp. 147–167, 2019, doi: 10.1016/j.cose.2019.06.005.
  12. H. Kheddar, “Transformers and large language models for efficient intrusion detection systems: A comprehensive survey,” Inf. Fusion, vol. 124, p. 103347, Dec. 2025, doi: 10.1016/j.inffus.2025.103347.
  13. I. J. Goodfellow, J. Shlens, and C. Szegedy, “Explaining and Harnessing Adversarial Examples,” Mar. 20, 2015, arXiv: arXiv:1412.6572. doi: 10.48550/arXiv.1412.6572.
  14. S. Qiu et al., “Review of Artificial Intelligence Adversarial Attack and Defense Technologies,” Appl. Sci., vol. 9, no. 5, Mar. 2019, doi: 10.3390/app9050909.
  15. M. H. Shahriar, N. I. Haque, M. A. Rahman, and M. Alonso Jr, “G-IDS: Generative Adversarial Networks Assisted Intrusion Detection System,” Jun. 01, 2020, arXiv. doi: 10.48550/arXiv.2006.00676.
  16. W. Xu, J. Jang-Jaccard, T. Liu, F. Sabrina, and J. Kwak, “Improved Bidirectional GAN-Based Approach for Network Intrusion Detection Using One-Class Classifier,” Computers, vol. 11, no. 6, p. 85, May 2022, doi: 10.3390/computers11060085.
  17. Z. Arafat, O. V. Yudina, and Z. A. Abdulazeez, “Generative adversarial networks in cyber security: Literature review,” Russ. Technol. J., vol. 13, no. 5, pp. 7–24, 2025, doi: 10.32362/2500-316X-2025-13-5-7-24.
  18. M. J. J. Rakkini, R. Mohanram, G. Dheepak, S. Subha, R. Hemalatha, and Mr. R. SURESH, “Transformer-Based Intrusion Detection Systems: a Deep Federated Learning Approach for Privacypreserving Cybersecurity,” in 2025 6th International Conference on Data Intelligence and Cognitive Informatics (ICDICI), Jul. 2025, pp. 216–223. doi: 10.1109/ICDICI66477.2025.11134874.
  19. C. M. Nalayini, T. R. Soumya, S. D. Lalitha, and R. Tamijetchelvy, “A novel adaptive transformer based quantum intrusion detection system for software defined networks,” Sci. Rep., vol. 15, no. 1, p. 36505, Oct. 2025, doi: 10.1038/s41598-025-20356-4.
  20. W. D. Xiong, K. L. Luo, and R. Li, “AIDTF: Adversarial training framework for network intrusion detection,” Comput. Secur., vol. 128, p. 103141, May 2023, doi: 10.1016/j.cose.2023.103141.
  21. I. Debicha, T. Debatty, J.-M. Dricot, and W. Mees, “Adversarial Training for Deep Learning-based Intrusion Detection Systems,” Apr. 20, 2021, arXiv: arXiv:2104.09852. doi: 10.48550/arXiv.2104.09852.
  22. J. Wang, X. Chang, Y. Wang, R. J. Rodríguez, and J. Zhang, “LSGAN-AT: enhancing malware detector robustness against adversarial examples,” Cybersecurity, vol. 4, no. 38, 2021, doi: 10.1186/s42400-021-00102-9.
  23. T. T. Nguyen, U. H. Tran, and H. N. Nguyen, “Adversarial attack and defense in AI-powered intrusion detection,” J. Comput. Sci. Cybern., vol. 41, no. 4, pp. 387–402, Nov. 2025, doi: 10.15625/1813-9663/22884.
  24. S. Ennaji, E. Benkhelifa, and L. V. Mancini, “Behavior-Aware and Generalizable Defense Against Black-Box Adversarial Attacks for ML-Based IDS,” Dec. 15, 2025, arXiv: arXiv:2512.13501. doi: 10.48550/arXiv.2512.13501.
  25. N. V. Chawla, K. W. Bowyer, L. O. Hall, and W. P. Kegelmeyer, “SMOTE: Synthetic Minority Over-Sampling Technique,” J. Artif. Intell. Res., vol. 16, pp. 321–357, 2002, doi: 10.1613/jair.953.
  26. A. A. Mintoo, A. R. Nabil, M. A. Alam, and I. Ahmad, “Adversarial Machine Learning In Network Security: A Systematic Review Of Threat Vectors And Defense Mechanisms,” Innov. Eng. J., vol. 1, no. 01, pp. 80–98, Nov. 2024, doi: 10.70937/itej.v1i01.9.

Author

Zainab A. Abdulazeez

College of Education for Human Sciences, University of Kerbala, Karbala, Iraq

Identifiers

DOI: 10.33899/rjcsm.v20i1.60660

Download this PDF file
PDF

Statistics

How to Cite

Dual-GAN Framework for Adversarial Robust Intrusion Detection Systems. (2026). AL-Rafidain Journal of Computer Sciences and Mathematics, 20(1), 41-52. https://doi.org/10.33899/rjcsm.v20i1.60660
Copyright and Licensing
Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

Dual-GAN Framework for Adversarial Robust Intrusion Detection Systems. (2026). AL-Rafidain Journal of Computer Sciences and Mathematics, 20(1), 41-52. https://doi.org/10.33899/rjcsm.v20i1.60660