ML Security Researcher · 2023

Kitsune-py

Research Implementation (NDSS'18 Paper)

1 0 0 0 0 1 1 1 1 0 0 0 0 1 1 1 1 0 0 1 1 1 1 0 0 1 0 1 1 0 1 0 0 1 1 1 1 1 0 1 0 0 1 1 1 0 1 0 1 1 1 0 0 1 0 0 1 1 1 1 0 0 1

The Challenge

Most network intrusion detection systems require labeled training data — a luxury unavailable in zero-day attack scenarios. The challenge: detect novel attacks in real-time without any pre-labeled examples.

The Approach

Implemented the Kitsune architecture (NDSS'18) using ensemble autoencoders that learn the distribution of normal traffic and flag statistical outliers — completely unsupervised with online learning capabilities.

The Solution

AfterImage feature extractor for real-time network statistics
KitNET ensemble of autoencoders for anomaly scoring
Online learning: model updates continuously without batch retraining
Zero labeled data requirement — fully unsupervised detection

The Impact

0 Labels Required

0% Detection Rate

0% Online Learning

0 Pass Required

Tech Stack

Python Autoencoders Machine Learning Network Security Scapy

“The future of intrusion detection is unsupervised — systems that learn normal behavior and detect anomalies without ever seeing an attack example.”

Next Case Study Savelife Ai →