AI approaches for intelligent honeypots can significantly enhance the capabilities in detecting, analysing and mitigating malicious activities. AI approaches with a change in the network setup can be used to predict the honeypot log data and whether any attacker is trying to gain access or not in an efficient way [2,6]. It is achieved by using the required data from the honeypot log files. It requires a few features which are extracted from the generated log report from the Honeypot [7]. The primary objective of this methodology is to achieve high accuracy while utilizing minimal processing power.
An AI algorithm's predictive accuracy is highly dependent on the dataset's quality. In this proposed methodology, the "KDDCUP99" dataset, which was provided by the Fifth International Conference on Knowledge Discovery and Data Mining, is utilized directly from the honeypot logs [3,4]. The dataset has labels and hence it is a supervised model, we test its accuracy with all suitable Machine Learning Algorithms.
A. Network Design
The network design is designed in such a way that all the data is the hidden backside of a honeypot server divided by firewalls. Multiple layered designs are required to attract more attackers and it helps in identifying attackers which use honeypot bypass techniques. Network design is depicted in Figure 1 using Cisco Packet Tracer.
i. The network design used is Hybrid architecture. We use it to customize the security features.
ii. The whole network is entered directly through the Internet router from the Internet Service Provider (ISP) or the outer network.
iii. All the traffic from the Internet Service Provider enters the Internet Router and the data packets are sent over Firewall 1 to filter the usual unwanted packets from the Internet or the outer network.
iv. Filtered packets then enter the Honey Hub. The Honey Hub is connected to a home gateway that is fully connected with more devices using the internet (IoT Devices), these may be physical devices or virtual devices running old or vulnerable operating systems. Old and vulnerable software versions for IoT devices are the 1st layer of trap for attackers. Since the software is vulnerable by nature, they are more likely to act as a natural honeypot.
v. The role of the Honey HUB is to transmit all packets to the IDS server since HUB broadcasts every packet detail to every device connected to it.
vi. The honeypot server, connected via optical fibre, receives data faster compared to standard twisted pair cables, such as Cat 5, Cat 6, Cat 7, and Cat 7E, due to the former's higher speed capability.
vii. IDS server analyses the network and uses a Machine Learning Algorithm that predicts the packet's nature and collects all required details for the prediction and sends the report to Firewall 2 via Honey Hub with an encrypted secured channel.
viii. Entry Router receives packets that are filtered by Firewall 2 as directed by the honeypot server. The packets move via a packet sniffer which collects all data for future study purposes since “Nothing in the internet is 100% safe”.
ix. Finally, the Switch0 and the Home Router or the regular network is connected and can be used normally.
B. Honeypot
The network design consists of two layers of security mechanisms as explained well in the network design. It is important to have multiple layers of security features to ensure more security. Hackers are always more intelligent and they get access if there is a minute defect in the code or even network design.
· The first layer of security has IoT devices with older software. Older software is more vulnerable than the latest one. IoT devices are more likely to be trapped by hackers to get into a network. If any hacker traps an IoT device, those IP will be blocked by a firewall.
· As the honeypot used is a high interaction honeypot, few ports were made open which mimics the open ports of software running inside it such as Microsoft update plugin’s port or database’s default port or TCP, UDP, TELNET, POP3, FTP, SMTP, etc.
The whole network is monitored and the monitored data is saved. The data is then used for the feature extraction process for machine learning purposes. The data is saved using network monitoring tools. The network sniffer or packet sniffer traps the whole data where we can find anything there.
C. Dataset
Two datasets are utilized for the investigation of intelligent honeypots. Datasets extracted from the implementing honeypot environment and KDD-99 datasets are used for this experimentation.
1. Feature Extraction From Honeypot
Wireshark is utilized to capture the network traffic inside the honeypot. This tool enables us to analyse the traffic data packets and extract the necessary information for further analysis. The captured data is then saved in a .pcap format file with 28 features. The extracted features include information about the packet content, TCP flags, and traffic statistics. The extractor uses the pandas library for data processing and can handle both the original and pre-processed versions of the KDD99 dataset and it also provides a convenient way to preprocess the KDD99 dataset for machine learning experiments. It starts by loading the raw data into a Pandas Data Frame and then performs some data cleaning operations, such as removing duplicates and renaming columns. Then, it applies label encoding to convert categorical features into numerical ones. It also drops some irrelevant features, such as the 'service' column. After preprocessing, the notebook uses the sklearn library's 'Standard Scaler' to normalize the data. Finally, it extracts 28 features from the pre-processed data, including both numerical and categorical features. The extracted features include the following:
· duration
· protocol type
· service
· flag
· src_bytes
· dst_bytes
· land
· wrong_fragment
· urgent
· count
· srv_count
· serror_rate
· srv_serror_rate
· rerror_rate
· srv_rerror_rate
· same_srv_rate
· diff_srv_rate
· srv_diff_host_rate
· dst_host_count
· dst_host_srv_count
· dst_host_same_srv_rate
· dst_host_diff_srv_rate
· dst_host_same_src_port_rate
· dst_host_srv_diff_host_rate
· dst_host_serror_rate
· dst_host_srv_serror_rate
· dst_host_rerror_rate
· dst_host_srv_rerror_rate
Through the honeypot , a total of 1043 data rows, each of which includes 28 features, were successfully extracted providing us with a rich source of information to analyse and draw insights from. Specifically, our dataset included 713 rows of normal data and 330 rows of attack data, providing us with a comprehensive view of the threats facing our systems and the methods used to compromise them. We utilized an offensive security operating system, such as Kali Linux, to simulate various attack methods within a virtual environment. Specifically, we targeted another network within the virtual environment to emulate the effects of different types of network attacks and recorded and extracted the dataset from the network traffic.
2. KDD99 Dataset
The dataset utilized for this study was released during the Third International Knowledge Discovery and Data Mining Tools Competition, which was held in tandem with KDD-99[3] The Fifth International Conference on Knowledge Discovery and Data Mining. Participants were tasked with constructing a network intrusion detector that could differentiate between "bad" connections (intrusions or attacks) and "good" normal connections by creating a predictive model. The dataset has 42 columns which are the main features that determine the prediction. The most important field mainly consists of attack type and type of connection are as follows [3]:
● ‘Normal’ for regular data.
● ‘dos’ type of attack for ‘Neptune, smurf, land, back, pod, teardrop’.
● ‘probe’ type of attack for the type ‘ipsweep, satan, port sweep or nmap’.
● ‘r2l’ type of attack for type ‘ftp_write, guess_passwd, imap, phf, spy, warezclient, warezmaster or multihop’,
● ‘u2r’ for ‘Perl, loadmodule, buffer_overflow or rootkit’
Within the database, there exists a standard set of data to undergo auditing, comprising an array of intrusions emulated within a military network environment, but the combination of honeypots with a 2 layered intrusion model using different ML Algorithms helps in identifying more efficiently and with low processing power. Figure 2 depicts the heatmap for all 42 features of the KDD99 dataset.
D. Intrusion Detection System by Machine Learning
The common packets which are filtered by a firewall are almost safe from regular intrusions and regular web traffic. The firewall may be a hardware firewall or else a software-based firewall to filter the packets. All the data together come to the HUB and are broadcast to every device. A smart attacker can sense the use or any other mode of packet sniffing, and even the intruder can modify or destroy log files and reports generated by the Honeypot Server, but the use of Hub makes it look like a natural device used for connecting devices. The possibility of identifying IoT devices is very high because of the vulnerable software running in them. All the data is monitored by software or hardware in the Honeypot server which is shown in Figure 3
Honeypot Server is the main part that determines whether the packets are safe or not. It analyses every single packet in detail and gives predictions using AI algorithms [12]. Every machine learning model has its specific type of processing method. Every classifier has its working algorithms. As the desired output is a prediction of type “intruder” or “Normal” type, a proper machine learning model is to be selected for the required output. A set of ML classifiers are taken to test the dataset. The dataset has a label column which is suitable for supervised machine-learning algorithms. The utilized machine learning algorithms encompass Gaussian Naive Bayes, Decision Tree, Random Forest, Gradient Boosting, Extreme Gradient Boosting, Generative Adversarial Network, Linear Regression, Logistic Regression, Long Short-Term Memory, and Deep Belief Network.
E. Threat Detection
Various AI algorithms are utilized to determine whether the connection is good or it is an intruder. The data from the honeypot is analysed well by the AI techniques which have about 42 features used for prediction [12]. They are tested using Different machine learning models like Gaussian Naive Bayes [9], Decision Tree [10], Random Forest, Gradient Boosting, Extreme Gradient Boosting, Generative adversarial network, Linear Regression, Logistic Regression, Long Short-Term Memory, and Deep Belief Network as mentioned above. The one which is suitable for intrusion detection gives a high accuracy value and the high accuracy model is selected for the detection.
The application of Generative Adversarial Networks (GANs), a class of deep learning algorithms, involves generating new and synthetic data by pitting two neural networks Within a zero-sum game framework, the entities compete against each other. GAN architecture is shown in Figure 4 which has two main components: a generator and a discriminator. Taking a random noise vector as input, the generator maps it to an output that mimics the target data distribution, whereas the discriminator takes in both real samples from the target data distribution and fake samples generated by the generator and tries to distinguish between the two, they are trained in an adversarial manner, generator creating samples that are realistic to the discriminator, In an attempt to classify samples as real or fake, the discriminator scrutinizes them, while the generator refines its skill in generating realistic samples, and the discriminator enhances its ability to classify samples over time.
The GAN framework can be mathematically formulated as a game of minimum and maximum values between the generator and discriminator networks. The generator's objective function is to decrease the probability of the discriminator accurately classifying the generated data as fake, while the discriminator's objective function is to increase the probability of correctly classifying both the real and generated data. This can be represented as:
![](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAccAAABNCAIAAABcwjjvAAASiElEQVR4Ae1d7ZWDug50C9RAC/RACdRAC+mADtIBFaQCGkgDdEAPvudl3p2rlYwDBBJ2o/zYY4yR5LE8lj9gQ/SfI+AIOAKOwH4IhP1EuSRHwBFwBByB6KzqTuAIOAKOwJ4IOKvuiabLcgQcAUfAWdV9wBFwBByBPRFwVt0TzffICiF0XfceXcdpGcexLMvj5Nd1PQzDcfJdsiMwh4Cz6hwynr8OgbZtw78/SZd93/+bHfq+h1Bkxhi7ruNdlViivixLPtW2bYwRf/FsWZZ/YPhZgoOXORUCzqqnao5fb0xZlnVdq2oMwyB5dhzHEH44XlmWkg2HYQBXZjgRvCx1IUfKiTGWZUkqV1b5pSNwEAI/nPsgHS72exDouk4SKCreP34Eoa5rxXSKVVEScWhyFg9eVgQaY+z7XvJsjBEETdWecATegICz6htAfq4CnX8YBs6jx8cPIZtkCpaEUPDR0+AuWayua8gfx5EmMjOEgHzOstu2BZ2FEKRJfBaJEP6b6SNHFk7SXJJVUVI+S0VASZotbzGNhIerChC/PBoBZ9WjEX4un5zI/o95NII+3EXIxpK4BN9x0o01SqsvWYybOZLR2rZlpBlCYDAoWax9/KwW5kghiBYpBwupVMFHpA3MxPxdrRXgbgjBCpEPynTbtklqlmU87QjsiICz6o5gbhcFuuS8WBITwkPekiQL3iFl4FYygiPzclLMmXX9+MF0SUAyP8aIGLbv+8xaJ4QoC9u2pS7IocHEaxWrAhDFqgyiEX1LjclFCar2hCOwOwLOqrtDukWgZSKyxlNWZSSohEg7JG2pYoo9Y4xkKEV/yyNEyrTHp3hrzjyVvypWTUbrzqoSUk+/AQFn1TeA/FyFYrpVseqOrCrDQEV/pFqqy9QK2/HDMHRdxygb5ZVYZErSp1hgopidQkIIMiBFvrMq0fPEBxFwVv0g+P+pPgmrygOeiv7KshzHEXY+XQSIMWJHixE3q5qMHJOsmjkDADOSwm1sK5c1aIYnHIHjEHBWPQ7bFZJPwqpyh0pu9Nd1zeVaxKEqArVVRdhoA1vUlNLwoGJVlLFnCaQWmMGDCriVjFW5Bygf97QjcBwCzqrHYbtUMgkCPCLPNpFf8JaqKomdGdCfuiV1Z4rx1BTiPrASyvOMF+xBAWWP1KLSWDGwk3RsWJGUpUbaKQkdYrn+oLTQfj6rCsBglemXjsChCDirHgqvC08gAIpM3HiWNQwD6fhZ2f/ft28cLHzQizkCmxFwVt0MnT+4HQGEkGod4Kk4vIbwtBgLyGViZnrCETgaAWfVoxF2+bMI2O2muaIIb1cFqnzNYU6m5zsCByHgrHoQsC7WEXAEvhQBZ9UvbXivtiPgCByEgLPqQcC6WEfAEfhSBJxVv7ThvdqOgCNwEALOqgcB62IdAUfgSxFwVv3ShvdqOwKOwEEIOKseBOz+Yvn6EN6zGsdxyfv4a+3gW0xSHdKrDjat1evlHYE/g4Cz6i9oSvtOPXKOYFXAAfkSGn76WmZ62hFwBCwCzqoWk3Pl4DUkS6Bd19lvl+xlumVV/j/U45TuZbzLcQQ+i4Cz6mfxf64dHzdJljuO4JKsyn95svZN06TxnukI/FUEnFVP3bJY5Ux+uflQu+dYFfm+wHoo+C78tyPgrHrqFsT0X7EqMrmbdETk6Kx6ardw486NgLPqqdsnE6vK/8Kyex2cVXeH1AV+DwLOqmdva2y+24D0I6w6Z8zZQXT7HIE3IuCs+kawN6nCR/7VIkCM8f2sigD2uC2yTfD4Q47A6RBwVj1dk1iDQGfq/9y9mVURpVpyt9Z6jiPw5Qg4q/4aB+D2FBLLP/m8qoaZd6vsKsQqyV7YEfgSBJxVv6ShvZqOgCPwJgScVd8EtKtxBByBL0HAWfVLGtqr6Qg4Am9CwFn1TUC7GkfAEfgSBJxVv6ShvZqOgCPwJgScVd8EtKtxBByBL0HAWfVLGtqr6Qg4Am9CwFn1TUC7GkfgVAgMw2A/2nsqCz9rzCv4OKt+tu1cuyPwAQT6vq+qapqmD+j+PSrbx2+Dvc6qG0DzRxyBX4zA7XYrisIpdUkTNk2z4cMXzqpLsPUyjsAfQWCapqIobrfbH6nPwdXYBpez6sHN4uIdgTMh0HVdVVVnsuiHLVia+JF18MUwDHVdD8Mwp6frurXf3HBWnQPT8x2Bv4YAIq/T/oOctm2bpnn/0sT9fi+KYg6WaZpCCKuie2fVX9lz5D9Z+fhO7jiObdteLpc8lNfrtW1b9eEr/K9DfIUr/7jffR0BfKv3/bS1xHIE0ZttW+KESQ+Ebff7PYQwF7E2j9+SWqDMq6yaD56X25Es2ff9hqXipKg/lglWVU7Qtm0IoSiKd1b2fr+XZaksmTNgGIayLO/3uyqA6qjML7xUYwwadMdv2jZNs6O0HRsI359c6EVW73InnPNAfAZ+Dpzr9RpCAOPzY8cZFv7BqjICUs/w455ScQgBYTPvqsSSMArjJx8cx7HrOkY0GxY1LOgqR/ou9SKhSn7qchzHqqpgEjiINsPzkqwaY6yqqmmaXcwuikKCU9e1nQRhRrmqM2C2xfaFqfuyqjRbpqXr7gLRBiFsR2kYga0fPynW5si7a9NFUWS65P1+PyJIappGVraqKmvD5XLJrF0iDqVD1nUt/WetEyY9MMaYCVeT3U0xpGyLH6yKGyBjaTfyVUhS17VciQA5yqfoQFKfSuML87Jb2v+M1HXdvv1hmibUpXv8YBLsV+Z98BINeb1eYcPtdgsh8DLZzGBVlnnReGkA3JqDKCW3bbuhadrHj0JijNAlc+bSGVfmI+geMUbJEdtMpcy9EkVRcPoFP+QlDFZ47siqiAdln2WlpmliCCY7Iwu8mAghYLCfpglxn6x1jLEsy7kVJJAg145gp1wo2NCy7eNnK1WWpTKMZUIIajDIuGKCVeeicdnefd/LyxijZVVmqpI0FBMcScS4pegboCe9gaLWJtDfJKtCy1o5h5Yvy5IUWVUV06Qh1QGwrK4yN1sIppOz9aqq1PJCZo0/oxcjhOwY+7JqjBH/jUay6jiOc36YMXXfW+M4yoisaRq1HW851OZsNgkgJ92jbdvb7ZYpsFkpHpQBQYzxcrmEEOhaGAUZsEtd4zjKcSjGiKFIltnghNYDIdC2CBUVRaFmgetYNbnE0D9+1FGWpaK5JKti+E2qB3cnR4a+71Xb7x6uJlmVtTs6gR4OWDDtCiFYKHgIpn38pFXJDgBfkcUYY4YQ6rqWRAYHvVwumFhBhWzT6/WqOFRNYmCDHRQxWCL0mKaprmtJJdCrNlUhSlo+l076ki1sWdWWOSIHoIG+u64rHj/Sh9SIuwo9y6Eq53a7cWlIbZffbjfM8zjdVqMImi9pDAxLOpW0eVsapCn1QhGdDX6rujx0tW2bf2Eh6YTQSBxCCGr0mtvWB0TJaqqGwMidtPl/t5IiLL6yYySD2TlWRb4KnmOMqACRTZrBzCR2kCyxY1r5E+UwoVj1er1aC1l4SQL0EUJQE5n7/W4HYfSHqqqwdc5pkfS8GCNwruvaEq5tIEAqK85xfnr8yrJUg21d11VVQSkWv2Qnt/ueilUxlVPgYEQEZcQYm6ZRlUJ5NZ9CdZSo5OU2Vm2aZq4DJLXIzL7vi6Kwm2zWYRB5gCO6rhuGAYGVgj3GOMcjtuvKHKCEKQvmxSQLuApuyWKyIhnKQLGkU0kJ29J2eIYi9n0YpoZ8jr6qQykbkk6IvX4IHIahKArp2JCgPBCZysOlLtkQlDDnVGlWxXSYnXkYBqY5r1eGrmVVRDREFoYiE+SoCGJhd5JAZNJkVRKx7SSZx+0t0Ad2mSRWbdvOQV+WJes459BFUbDnSKXJ8nVdSxdsmkaOhWQ6yEF7kfLU3RhjURRyzYETN5qR6aUIFpqmsSMKHlc+jepQciax0A0Yq7J951ohows7GOBEUAPhyqwngIVZcdsbMdopbGGGLSxz1PwUhAKTVFvIp1hBVYb5TCSdinc3J+zwrAaVOcNUsaQBc8+iMM4GsNWkBOWBuAVpSVexkGZccZZVJUvK9am9WBUVUKyKutkKJ6NjidHaNFkVZPpirIqJNmyYpgkb8dM0DcNg4xQWk62SdOi2bTHds8N4srycVmOOI7uu6pPqtIByfTtrw0ArKT7v0IXYlrGto5o4w6rQQnJUCQ5LSgVZFT1kc6zKTRK4Pd71nKZpLgbH2COtUr2R7qEMxqUqrPav6rqWY7/0AdUWVg5nh0m9yJQCk8W4/6xaAZfSNvm4HZ4RPNGrlfF8VuXTExY6YYZSMX+3BkPFHKtKvVtWAFAxLPbZYVkSLiFIZmbWVdGE0v8oSnU5zoVVbaEx2cBJsZQPq/ClL4usLLYwPQyDHA+naYLf2KVMCsQXLniJuIN+hs6JmDe5GG87AHI4gbAF1P6mBBlnUyQUdmKFwEGOgrYMqwOBMmbnLSSkdm6+qTLJSzkUJQtQPls5U+zpLTksYeZelmWyRShK7SsWRSEnEBgpZUPzQcWhyJf8mGFVjIJoQTS9bCmIUiQl9SJtfcaWWZsDw2TP5cIURcEwi4k1GPulsuScE2LtxYJApcoDkQ+N7EQsnGyajCvOxqrYswKxKuOSkWOSVZE5x3EY+pTw5DCiKEPWdltaxaoQUpZlEtBtKvJPqf03RXnyQ23oh0qa7QBqCo8C9D87mZJehT1Z6frquLhaxYMxUCGHExqJL/3I9Qfe4noZ58jvYVW1/y7t2TctO5vqFGoZAW+gS+2SQ5Evc9RsA8KJPzcey7KUAyTlZygDZaxT8dnNCcV6CNXVQqd1TqizrKq6CT2HIOBBaAGxYMND2f+Z3SoYAfbEZEqZZVtOORDYPYQw17UgELuWKqiRHR7FFAcpY9ZeYhxTsSrsV6KQif6viEaVXHuJnXHsI2Gjk4QOJ1OXkvLoTDKTL/xhzQFtx+ClMPNxnhTB6kcIgRqxqIpnp2nCQmHyc5zJqE0e07nf73ISDZRQQTI+q7MEQ8lZc+URH6lYNXmqUW6aq/ndnPB8PogJES72SRiowiqOJWB5RX+SQ6FInqAAbhCOxxmv4GzAEtukz6jykE8L1d1tl7LXwMiiKBQJKmSoCGDSD0GyNghTTigpFaGhohfuFkoPhFI1btESLH+p1byMK+ZiVfiltQlrTGxRRJfJmbhqQsyLlSeBueTjqgCqZNGUdV6VziwPKTl9399uN8y8cARKFdh8iUkATjU1TUNGA4WxwXi0oKoqliENSXjRJeRrJ33fgzXsEMjF8bIsb7fb9XqVg5/cM8SRLDURZq0VVaEp2VKYr/FSPqWcCv2HBTIJIpMvI92JaemxeBxDRX4BLqPI3sLYBgeTx42xJEJLmFAUplgVgZ48dcc2LR7DJHkBkwmKxal73oWdc+TF7szH1Qs+tpoLc1TXrqrqcrkoqyBq7i0A1hdHOZOzSeWEmHixLjZEm6NatUWv6mjlZFzxCasq0fJyM/SqR0mZybR94yBZ7KDMucnCK+oYTG0W8spkzQ4PaqtquVVrXxbEeKAmgBwklujNuPKSx22ZHSkVJ8lsTGCVzuUoVp0rZvOv16uMpOaOGVhqsKI+kpN/YzVv0lonnDtrhV4pIxXqTQ5IGVfczqqg9rU+JLfLaXQmccR3ADLq7K1X+MtKQ46KDeeKZfJfsappGk5L+fqzjSgz2uUtsFLSF2UxpOe+bbE8VrUyX8nBnFRNSF8RqGaja0VtZlXbw5Ov29d1Lcl3rXnHlU9u1SxXt9wJ5zww+eoTDUDQraJsiznLv8SqMGVhj0JhOdOkEXOJz36zqm1bLAteHr++7xWsc2Y/zVdzlqflbQHQEKY5awc2LB5hPWEYhurxsyqW52CklEydfDb5HTa5GpN86rhMbgliJe51RS9SAxbc7DLFEsNw9hltOvdSSYzRHshfIvw9ZbgxsE3dEidMeiDUZQJVEJdddj+QVbdB8CueQuCAY6dybet143E6R62pvS52oQQctwQj49zPXqPFQgNOUkwuvdk+s8FIRDTqRdJVcjaPMff7vWkaftVp7nwueP9TjvcUinN+tVq9EYNNMzjPXED5aqz6FCkv4Ag4AudBoH38zmOPsoQTCJV/3OXT/7CCDeRVkYez6nHt5ZIdgdMhgHBVnic5nYknMyh5hCZvo7NqHh+/6wj8NQT2Pf3919D5WZ/r9bphdchZ9SeKfuUIfAEC7eP3BRV9qYob5v7Q56z6Eu7+sCPwSxHAyZZfavwbzMZ666rlVFrlrEooPOEIOAKOwA4IOKvuAKKLcAQcAUeACDirEgpPOAKOgCOwAwLOqjuA6CIcAUfAESACzqqEwhOOgCPgCOyAwD+RWy12hiOCwwAAAABJRU5ErkJggg==)
The network labelled as G is responsible for generating data samples that are intended to resemble the real data distribution, while the network labelled as D is responsible for distinguishing between the real data and the generated data samples, and x is a real data point drawn from the true data distribution pX, z is a random noise vector drawn from a prior distribution pZ, and G(z) is a generated data point obtained by applying the generator to the noise vector z. The first term in the objective function corresponds to the expected log probability that the discriminator correctly classifies a real data point, and the second term corresponds to the expected log probability that the discriminator incorrectly classifies a generated data point as real.