AESMOTE: Adversarial Reinforcement Learning With SMOTE for Anomaly Detection

Intrusion Detection Systems (IDSs) play a vital role in securing today's Data-Centric Networks. In a dynamic environment such as the Internet of Things (IoT), which is vulnerable to various types of attacks, fast and robust solutions are in demand to handle fast-changing threats and thus the everincreasing difficulty of detection. In this paper, we present a novel framework for the detection of anomalies, which, in particular, supports intrusion detection. The anomaly-detection framework we propose combines reinforcement learning with class-imbalance techniques. Our goal is not only to exploit the autolearning ability of the reinforcement-learning loop but also to address the dataset imbalance problem, which is pervasive in existing learning-based solutions. We introduce an adapted SMOTE to address the class-imbalance problem while remodelling the behaviors of the environment agent for better performance. Experiments are conducted on NSL-KDD datasets. Comparative evaluations and their results are presented and analyzed. Using techniques such as SMOTE, ROS, NearMiss1 and NearMiss2, performance measures obtained from our simulations have led us to recognize specific performance trends. In particular, the proposed model AESMOTE outperforms AE-RL in several cases. Experiment results show an Accuracy greater than 0.82 and a F1 greater than 0.824.