Saved in:
Bibliographic Details
Main Authors: Fard, Hamed, Schalau, Tobias, Wunder, Gerhard
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2510.02349
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866908573785653248
author Fard, Hamed
Schalau, Tobias
Wunder, Gerhard
author_facet Fard, Hamed
Schalau, Tobias
Wunder, Gerhard
contents Network intrusion detection, a well-explored cybersecurity field, has predominantly relied on supervised learning algorithms in the past two decades. However, their limitations in detecting only known anomalies prompt the exploration of alternative approaches. Motivated by the success of self-supervised learning in computer vision, there is a rising interest in adapting this paradigm for network intrusion detection. While prior research mainly delved into contrastive self-supervised methods, the efficacy of non-contrastive methods, in conjunction with encoder architectures serving as the representation learning backbone and augmentation strategies that determine what is learned, remains unclear for effective attack detection. This paper compares the performance of five non-contrastive self-supervised learning methods using three encoder architectures and six augmentation strategies. Ninety experiments are systematically conducted on two network intrusion detection datasets, UNSW-NB15 and 5G-NIDD. For each self-supervised model, the combination of encoder architecture and augmentation method yielding the highest average precision, recall, F1-score, and AUCROC is reported. Furthermore, by comparing the best-performing models to two unsupervised baselines, DeepSVDD, and an Autoencoder, we showcase the competitiveness of the non-contrastive methods for attack detection. Code at: https://github.com/renje4z335jh4/non_contrastive_SSL_NIDS
format Preprint
id arxiv_https___arxiv_org_abs_2510_02349
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle An Investigation into the Performance of Non-Contrastive Self-Supervised Learning Methods for Network Intrusion Detection
Fard, Hamed
Schalau, Tobias
Wunder, Gerhard
Cryptography and Security
Artificial Intelligence
Network intrusion detection, a well-explored cybersecurity field, has predominantly relied on supervised learning algorithms in the past two decades. However, their limitations in detecting only known anomalies prompt the exploration of alternative approaches. Motivated by the success of self-supervised learning in computer vision, there is a rising interest in adapting this paradigm for network intrusion detection. While prior research mainly delved into contrastive self-supervised methods, the efficacy of non-contrastive methods, in conjunction with encoder architectures serving as the representation learning backbone and augmentation strategies that determine what is learned, remains unclear for effective attack detection. This paper compares the performance of five non-contrastive self-supervised learning methods using three encoder architectures and six augmentation strategies. Ninety experiments are systematically conducted on two network intrusion detection datasets, UNSW-NB15 and 5G-NIDD. For each self-supervised model, the combination of encoder architecture and augmentation method yielding the highest average precision, recall, F1-score, and AUCROC is reported. Furthermore, by comparing the best-performing models to two unsupervised baselines, DeepSVDD, and an Autoencoder, we showcase the competitiveness of the non-contrastive methods for attack detection. Code at: https://github.com/renje4z335jh4/non_contrastive_SSL_NIDS
title An Investigation into the Performance of Non-Contrastive Self-Supervised Learning Methods for Network Intrusion Detection
topic Cryptography and Security
Artificial Intelligence
url https://arxiv.org/abs/2510.02349