Skip to main content
SpringerLink
Log in

An Intrusion Detection Framework for IoT Using Partial Domain Adaptation

  • Conference paper
  • First Online:
Book cover Science of Cyber Security (SciSec 2021)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 13005))

Included in the following conference series:

Abstract

With the rapid development of the Internet of Things (IoT), the security problem of IoT is becoming increasingly prominent. Deep learning (DL) has achieved success in network intrusion detection systems (NIDS) for IoT. Its capability of automatically extracting high-dimensional features from data and finding the association between data make it easy to identify abnormal activity from network traffic. However, DL method requires a large amount of labeled data, which is very time-consuming and expensive. Due to the privacy of IoT data, it is hard to collect enough data to train models. Also, the heterogeneity of IoT makes the NID model trained from the data collected from one IoT unable to be directly applied to another one. To address the problem, domain adaptation (DA) has been used by transferring the knowledge from the domain with huge amounts of labeled data to the domain with less or unlabeled data. However, previous DA methods generally assume the same label spaces between source and target domain, which is not feasible in a complex real environment of IoT. In this paper, we propose a NID framework using a weighted adversarial nets-based partial domain adaptation method to address this problem of inconsistent label spaces by mapping two domains to a domain-invariant feature space. The proposal can train a highly accurate NID model through the knowledge transfer from the abundant public labeled dataset of the traditional Internet to the unlabeled dataset of IoT. In addition, the proposed scheme can detect unknown attacks in the IoT with the help of knowledge from the traditional Internet. Moreover, the proposed scheme is an online NID detection which is more suitable for real IoT application. The experiments results demonstrate that our proposed scheme can achieve a good performance to detect attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Our code is public available at https://github.com/rainforest2378/IoT-PDA.git.

References

  1. Gubbi, J., Buyya, R., Marusic, S., Palaniswami, M.: Internet of Things (IoT): a vision, architectural elements, and future directions. Futur. Gener. Comput. Syst. 29(7), 1645–1660 (2013)

    Article  Google Scholar 

  2. Chaabouni, N., et al.: Network intrusion detection for IoT security based on learning techniques. IEEE Commun. Surv. Tutor. 21(3), 2671–2701 (2019)

    Article  Google Scholar 

  3. Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD CUP 99 data set. In: Proceedings of the Second IEEE Symposium on Computational Intelligence for Security and Defence Applications, pp. 1–6 (2009)

    Google Scholar 

  4. Lippmann, R., Haines, J.W., Fried, D.J., Korba, J., Das, K.: DARPA off-line intrusion detection evaluation. Comput. Netw. 34(4), 579–595 (2000)

    Article  Google Scholar 

  5. Bostani, H., Sheikhan, M.: Hybrid of anomaly-based and specification-based IDS for Internet of Things using unsupervised OPF based on MapReduce approach. Comput. Commun. 98, 52–71 (2017)

    Article  Google Scholar 

  6. Pajouh, H.H., et al.: A two-layer dimension reduction and two-tier classification model for anomaly-based intrusion detection in IoT backbone networks. IEEE Trans. Emerg. Top. Comput. 7, 314–323 (2016)

    Article  Google Scholar 

  7. Lopez-Martin, M., Carro, B., Sanchez-Esguevillas, A., Lloret, J.: Conditional variational autoencoder for prediction and feature recovery applied to intrusion detection in IoT. Sensors 17(9), 1967 (2017)

    Article  Google Scholar 

  8. Mirsky, Y., Doitshman, T., Elovici, Y., Shabtai, A.: Kitsune: an ensemble of autoencoders for online network intrusion detection. arXiv preprint arXiv:1802.09089 (2018)

  9. Hodo, E., et al.: Threat analysis of IoT networks using artificial neural network intrusion detection system. In: 2016 International Symposium on Networks, Computers and Communications (ISNCC), pp. 1–6. IEEE (2016)

    Google Scholar 

  10. Zhao, J., Shetty, S., Pan, J.W.: Feature-based transfer learning for network security. In: MILCOM 2017-2017 IEEE Military Communications Conference (2017)

    Google Scholar 

  11. Zhao, J., Shetty, S., Pan, J.W., Kamhoua, C., Kwiat, K.: Transfer learning for detecting unknown network attacks. EURASIP J. Inf. Secur. 2019, Article no. 1 (2019)

    Google Scholar 

  12. Singla, A., Bertino, E., Verma, D.: Preparing network intrusion detection deep learning models with minimal data using adversarial domain adaptation. In: The 15th ACM Asia Conference on Computer and Communications Security, pp. 127–140 (2020)

    Google Scholar 

  13. Pan, S.J., Yang, Q.: A survey on transfer learning. IEEE Trans. Knowl. Data Eng. 22(10), 1345–1359 (2009)

    Article  Google Scholar 

  14. Wang, M., Deng, W.: Deep visual domain adaptation: a survey. Neurocomputing 312, 135–153 (2018)

    Article  Google Scholar 

  15. Tzeng, E., Hoffman, J., Zhang, N., Saenko, K., Darrell, T.: Deep domain confusion: maximizing for domain invariance. arXiv preprint arXiv:1412.3474 (2014)

  16. Ben-David, S., et al.: A theory of learning from different domains. Mach. Learn. 79(1), 151–175 (2010)

    Article  MathSciNet  Google Scholar 

  17. Sun, B., Saenko, K.: Deep CORAL: correlation alignment for deep domain adaptation. In: Hua, G., Jégou, H. (eds.) ECCV 2016. LNCS, vol. 9915, pp. 443–450. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-49409-8_35

    Chapter  Google Scholar 

  18. Fan, C., et al.: A review of deep domain adaptation: general situation and complex situation. Acta Automatica Sinica 46, 1–34 (2020)

    Google Scholar 

  19. Zhang, J., Ding, Z.W., Li, W.Q., Ogunbona, P.: Importance weighted adversarial nets for partial domain adaptation. In: IEEE Conference on Computer Vision and Pattern Recognition (2018)

    Google Scholar 

  20. Ganin, Y., et al.: Domain-adversarial training of neural networks. J. Mach. Learn. Res. 17(1), 2096–2030 (2016)

    MathSciNet  Google Scholar 

  21. Goodfellow, I., et al.: Generative adversarial nets. In: Advances in Neural Information Processing Systems (2014)

    Google Scholar 

  22. Sharafaldin, I., Habibi Lashkari, A., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: 4th International Conference on Information Systems Security and Privacy (ICISSP) (2018)

    Google Scholar 

  23. Palatucci, M., Pomerleau, D., Hinton, G.E., Mitchell, T.M.: Zero-shot learning with semantic output codes. In: 23rd Annual Conference on Neural Information Processing Systems, pp. 1401–1408 (2009)

    Google Scholar 

Download references

Acknowledgment

This work is supported by the Project of Beijing Municipal Science & Technology Plan under Grant No. Z191100007119001 and Z191100007119003.

Author information

Authors and Affiliations

  1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China

    Yulin Fan, Yang Li, Huajun Cui, Huiran Yang, Yan Zhang & Weiping Wang

  2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China

    Yulin Fan, Yang Li, Yan Zhang & Weiping Wang

Authors
  1. Yulin Fan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yang Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Huajun Cui
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Huiran Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Yan Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Weiping Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yulin Fan .

Editor information

Editors and Affiliations

  1. Fudan University, Shanghai, China

    Wenlian Lu

  2. George Mason University, Fairfax, VA, USA

    Kun Sun

  3. Computer Science Department, Columbia University, New York, NY, USA

    Moti Yung

  4. Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China

    Feng Liu

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Fan, Y., Li, Y., Cui, H., Yang, H., Zhang, Y., Wang, W. (2021). An Intrusion Detection Framework for IoT Using Partial Domain Adaptation. In: Lu, W., Sun, K., Yung, M., Liu, F. (eds) Science of Cyber Security. SciSec 2021. Lecture Notes in Computer Science(), vol 13005. Springer, Cham. https://doi.org/10.1007/978-3-030-89137-4_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-89137-4_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-89136-7

  • Online ISBN: 978-3-030-89137-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation