Deep-Feature-Based Autoencoder Network for Few-Shot Malicious Traffic Detection

With the increase in Internet visits and connections, protecting networks and the various devices of the Internet of Things (IoT) from malicious attacks is becoming both essential and arduous. Intrusion detection systems (IDSs) based on supervised machine learning (ML) methods require a large number of labeled samples. However, abnormal behaviors are far fewer than normal behaviors, and the malicious behavior samples that can be intercepted for use as a training dataset are more limited still. Consequently, anomaly detection with only a small number of abnormal behavior samples is a key research topic. This paper proposes an anomaly detection model, based on convolutional neural networks (CNN) and an autoencoder (AE), that addresses few-shot detection using only a few abnormal samples. The model consists mainly of a CNN-based supervised pretraining module and an AE-based data reconstruction module. Only a few abnormal samples are used in the pretraining module to build the structure for extracting deep features. The data reconstruction module uses only the deep features of normal samples as training data. The pretraining module also includes some effective attention mechanisms. Through pretraining on a small number of samples, anomaly detection accuracy improves compared with training an AE on normal samples alone. The simulation results show that this solution can solve the above problems in network behavior anomaly detection. Compared with the original AE model and other clustering methods, the proposed model visibly improves the detection results.
