Skip to main content
SpringerLink
Log in

Zero-Shot Learning for Intrusion Detection via Attribute Representation

  • Conference paper
  • First Online:
Neural Information Processing (ICONIP 2019)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 11953))

Included in the following conference series:

Abstract

Network intrusion detection is an important network security infrastructure. Although numerous studies based on machine learning have explored how to enable intrusion detection to detect unknown novel attack types, so called anomaly detection, little work focuses on using attribute learning methods. An important application of attribute learning is zero-shot learning, which can be used to solve the anomaly detection problem. In this paper, we propose an attribute learning method. A pipeline framework using random forest feature selection and DBSCAN clustering attribute conversion is introduced to convert raw network data into attributes. A comprehensive empirical evaluation demonstrates that our proposed framework sustains the data information effectively and outperforms the state-of-the-art approaches. An extra zero-shot learning experiment show that our attribute approach works well in zero-shot learning scenario.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Akata, Z., Perronnin, F., Harchaoui, Z., Schmid, C.: Label-embedding for image classification. IEEE Trans. Pattern Anal. Mach. Intell. 38(7), 1425–1438 (2016)

    Article  Google Scholar 

  2. Akata, Z., Reed, S., Walter, D., Lee, H., Schiele, B.: Evaluation of output embeddings for fine-grained image classification. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 2927–2936 (2015)

    Google Scholar 

  3. Breiman, L.: Random forests. Mach. Learn. 45(1), 5–32 (2001)

    Article  Google Scholar 

  4. Changpinyo, S., Chao, W.L., Gong, B., Sha, F.: Synthesized classifiers for zero-shot learning. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 5327–5336 (2016)

    Google Scholar 

  5. Denning, D.E.: An intrusion-detection model. IEEE Trans. Softw. Eng. 2, 222–232 (1987)

    Article  Google Scholar 

  6. Erfani, S.M., Rajasegarar, S., Karunasekera, S., Leckie, C.: High-dimensional and large-scale anomaly detection using a linear one-class SVM with deep learning. Pattern Recogn. 58, 121–134 (2016)

    Article  Google Scholar 

  7. Farhadi, A., Endres, I., Hoiem, D., Forsyth, D.: Describing objects by their attributes. In: 2009 IEEE Conference on Computer Vision and Pattern Recognition, CVPR 2009, pp. 1778–1785. IEEE (2009)

    Google Scholar 

  8. Fiore, U., Palmieri, F., Castiglione, A., De Santis, A.: Network anomaly detection with the restricted Boltzmann machine. Neurocomputing 122, 13–23 (2013)

    Article  Google Scholar 

  9. Frome, A., Corrado, G.S., Shlens, J., Bengio, S., Dean, J., Mikolov, T., et al.: Devise: a deep visual-semantic embedding model. In: Advances in Neural Information Processing Systems, pp. 2121–2129 (2013)

    Google Scholar 

  10. Heberlein, T.: Network Security Monitor (NSM)-final Report. UC Davis, Davis (1995)

    Google Scholar 

  11. Lampert, C.H., Nickisch, H., Harmeling, S.: Attribute-based classification for zero-shot visual object categorization. IEEE Trans. Pattern Anal. Mach. Intell. 36(3), 453–465 (2014)

    Article  Google Scholar 

  12. Li, Z., Qin, Z.: A semantic parsing based LSTM model for intrusion detection. In: Cheng, L., Leung, A.C.S., Ozawa, S. (eds.) ICONIP 2018. LNCS, vol. 11304, pp. 600–609. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-04212-7_53

    Chapter  Google Scholar 

  13. Li, Z., Qin, Z., Huang, K., Yang, X., Ye, S.: Intrusion detection using convolutional neural networks for representation learning. In: Liu, D., Xie, S., Li, Y., Zhao, D., El-Alfy, E.-S.M. (eds.) ICONIP 2017. LNCS, vol. 10638, pp. 858–866. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70139-4_87

    Chapter  Google Scholar 

  14. Norouzi, M., et al.: Zero-shot learning by convex combination of semantic embeddings. arXiv preprint. arXiv:1312.5650 (2013)

  15. Parikh, D., Grauman, K.: Interactively building a discriminative vocabulary of nameable attributes. In: 2011 IEEE Conference on Computer Vision and Pattern Recognition (CVPR), pp. 1681–1688. IEEE (2011)

    Google Scholar 

  16. Pérez, J.L.R., Ribeiro, B.: Attribute learning for network intrusion detection. In: Angelov, P., Manolopoulos, Y., Iliadis, L., Roy, A., Vellasco, M. (eds.) INNS 2016. AISC, vol. 529, pp. 39–49. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-47898-2_5

    Chapter  Google Scholar 

  17. Rivero, J., Ribeiro, B., Chen, N., Leite, F.S.: A Grassmannian approach to zero-shot learning for network intrusion detection. In: International Conference on Neural Information Processing, pp. 565–575. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70087-8_59

    Chapter  Google Scholar 

  18. Roesch, M., et al.: Snort: lightweight intrusion detection for networks. In: Lisa, vol. 99, pp. 229–238 (1999)

    Google Scholar 

  19. Rohrbach, M., Stark, M., Schiele, B.: Evaluating knowledge transfer and zero-shot learning in a large-scale setting. In: 2011 IEEE Conference on Computer Vision and Pattern Recognition (CVPR), pp. 1641–1648. IEEE (2011)

    Google Scholar 

  20. Socher, R., Ganjoo, M., Manning, C.D., Ng, A.: Zero-shot learning through cross-modal transfer. In: Advances in Neural Information Processing Systems, pp. 935–943 (2013)

    Google Scholar 

  21. Souri, Y., Noury, E., Adeli, E.: Deep relative attributes. In: Lai, S.-H., Lepetit, V., Nishino, K., Sato, Y. (eds.) ACCV 2016. LNCS, vol. 10115, pp. 118–133. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-54193-8_8

    Chapter  Google Scholar 

  22. Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD CUP 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–6. IEEE (2009)

    Google Scholar 

  23. Welinder, P., et al.: Caltech-UCSD birds 200 (2010)

    Google Scholar 

  24. Xian, Y., Akata, Z., Sharma, G., Nguyen, Q., Hein, M., Schiele, B.: Latent embeddings for zero-shot classification. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 69–77 (2016)

    Google Scholar 

  25. Zhang, Z., Saligrama, V.: Zero-shot learning via semantic similarity embedding. In: Proceedings of the IEEE International Conference on Computer Vision, pp. 4166–4174 (2015)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Software, Tsinghua University, Beijing, 100084, China

    Zhipeng Li, Zheng Qin, Pengbo Shen & Liu Jiang

Authors
  1. Zhipeng Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zheng Qin
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Pengbo Shen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Liu Jiang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zheng Qin .

Editor information

Editors and Affiliations

  1. Australian National University, Canberra, ACT, Australia

    Tom Gedeon

  2. Murdoch University, Murdoch, WA, Australia

    Kok Wai Wong

  3. Kyungpook National University, Daegu, Korea (Republic of)

    Minho Lee

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Li, Z., Qin, Z., Shen, P., Jiang, L. (2019). Zero-Shot Learning for Intrusion Detection via Attribute Representation. In: Gedeon, T., Wong, K., Lee, M. (eds) Neural Information Processing. ICONIP 2019. Lecture Notes in Computer Science(), vol 11953. Springer, Cham. https://doi.org/10.1007/978-3-030-36708-4_29

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-36708-4_29

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-36707-7

  • Online ISBN: 978-3-030-36708-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation