Anomaly-based network intrusion detection using denoising autoencoder and Wasserstein GAN synthetic attacks

Intrusion detection systems face challenges in handling high-dimensional, large-scale, and imbalanced network traffic data. This paper proposes a novel architecture combining a denoising autoencoder (AE) and a Wasserstein generative adversarial network (WGAN) to address these issues. The AE-WGAN model extracts high-representative features and generates realistic synthetic attacks, effectively resolving data imbalance and enhancing anomaly-based intrusion detection. Extensive experiments on NSL-KDD and CICIDS-2017 datasets, using both binary and multiclass classification scenarios with various classifier architectures, demonstrate the model’s superior performance. The proposed approach outperforms state-of-the-art models in accuracy, precision, recall, and F1 score, showing excellent generalization capabilities against unseen attacks. Time complexity analysis reveals computational efficiency while maintaining high-quality synthetic attack generation. This research contributes a robust, efficient, and adaptable framework for intrusion detection, capable of handling modern network traffic complexities and evolving cyber threats. •Extract high-level features using ANOVA, which can determine the attack features.•Develop a Denoising AE architecture outperforming WGAN in learning complex features.•Enhance attack quality and stability using AE-WGAN for all attacks over WGAN.•Develop a robust AIDS using AE-WGAN adversarial attacks to address unseen threats effectively.•Evaluate AIDS-AE-WGAN with across DL classifiers and classification methods.