Abstract
With the rapid development of the Internet of Things (IoT), the security problem of IoT is becoming increasingly prominent. Deep learning (DL) has achieved success in network intrusion detection systems (NIDS) for IoT. Its capability of automatically extracting high-dimensional features from data and finding the association between data make it easy to identify abnormal activity from network traffic. However, DL method requires a large amount of labeled data, which is very time-consuming and expensive. Due to the privacy of IoT data, it is hard to collect enough data to train models. Also, the heterogeneity of IoT makes the NID model trained from the data collected from one IoT unable to be directly applied to another one. To address the problem, domain adaptation (DA) has been used by transferring the knowledge from the domain with huge amounts of labeled data to the domain with less or unlabeled data. However, previous DA methods generally assume the same label spaces between source and target domain, which is not feasible in a complex real environment of IoT. In this paper, we propose a NID framework using a weighted adversarial nets-based partial domain adaptation method to address this problem of inconsistent label spaces by mapping two domains to a domain-invariant feature space. The proposal can train a highly accurate NID model through the knowledge transfer from the abundant public labeled dataset of the traditional Internet to the unlabeled dataset of IoT. In addition, the proposed scheme can detect unknown attacks in the IoT with the help of knowledge from the traditional Internet. Moreover, the proposed scheme is an online NID detection which is more suitable for real IoT application. The experiments results demonstrate that our proposed scheme can achieve a good performance to detect attacks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Our code is public available at https://github.com/rainforest2378/IoT-PDA.git.
References
Gubbi, J., Buyya, R., Marusic, S., Palaniswami, M.: Internet of Things (IoT): a vision, architectural elements, and future directions. Futur. Gener. Comput. Syst. 29(7), 1645–1660 (2013)
Chaabouni, N., et al.: Network intrusion detection for IoT security based on learning techniques. IEEE Commun. Surv. Tutor. 21(3), 2671–2701 (2019)
Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD CUP 99 data set. In: Proceedings of the Second IEEE Symposium on Computational Intelligence for Security and Defence Applications, pp. 1–6 (2009)
Lippmann, R., Haines, J.W., Fried, D.J., Korba, J., Das, K.: DARPA off-line intrusion detection evaluation. Comput. Netw. 34(4), 579–595 (2000)
Bostani, H., Sheikhan, M.: Hybrid of anomaly-based and specification-based IDS for Internet of Things using unsupervised OPF based on MapReduce approach. Comput. Commun. 98, 52–71 (2017)
Pajouh, H.H., et al.: A two-layer dimension reduction and two-tier classification model for anomaly-based intrusion detection in IoT backbone networks. IEEE Trans. Emerg. Top. Comput. 7, 314–323 (2016)
Lopez-Martin, M., Carro, B., Sanchez-Esguevillas, A., Lloret, J.: Conditional variational autoencoder for prediction and feature recovery applied to intrusion detection in IoT. Sensors 17(9), 1967 (2017)
Mirsky, Y., Doitshman, T., Elovici, Y., Shabtai, A.: Kitsune: an ensemble of autoencoders for online network intrusion detection. arXiv preprint arXiv:1802.09089 (2018)
Hodo, E., et al.: Threat analysis of IoT networks using artificial neural network intrusion detection system. In: 2016 International Symposium on Networks, Computers and Communications (ISNCC), pp. 1–6. IEEE (2016)
Zhao, J., Shetty, S., Pan, J.W.: Feature-based transfer learning for network security. In: MILCOM 2017-2017 IEEE Military Communications Conference (2017)
Zhao, J., Shetty, S., Pan, J.W., Kamhoua, C., Kwiat, K.: Transfer learning for detecting unknown network attacks. EURASIP J. Inf. Secur. 2019, Article no. 1 (2019)
Singla, A., Bertino, E., Verma, D.: Preparing network intrusion detection deep learning models with minimal data using adversarial domain adaptation. In: The 15th ACM Asia Conference on Computer and Communications Security, pp. 127–140 (2020)
Pan, S.J., Yang, Q.: A survey on transfer learning. IEEE Trans. Knowl. Data Eng. 22(10), 1345–1359 (2009)
Wang, M., Deng, W.: Deep visual domain adaptation: a survey. Neurocomputing 312, 135–153 (2018)
Tzeng, E., Hoffman, J., Zhang, N., Saenko, K., Darrell, T.: Deep domain confusion: maximizing for domain invariance. arXiv preprint arXiv:1412.3474 (2014)
Ben-David, S., et al.: A theory of learning from different domains. Mach. Learn. 79(1), 151–175 (2010)
Sun, B., Saenko, K.: Deep CORAL: correlation alignment for deep domain adaptation. In: Hua, G., Jégou, H. (eds.) ECCV 2016. LNCS, vol. 9915, pp. 443–450. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-49409-8_35
Fan, C., et al.: A review of deep domain adaptation: general situation and complex situation. Acta Automatica Sinica 46, 1–34 (2020)
Zhang, J., Ding, Z.W., Li, W.Q., Ogunbona, P.: Importance weighted adversarial nets for partial domain adaptation. In: IEEE Conference on Computer Vision and Pattern Recognition (2018)
Ganin, Y., et al.: Domain-adversarial training of neural networks. J. Mach. Learn. Res. 17(1), 2096–2030 (2016)
Goodfellow, I., et al.: Generative adversarial nets. In: Advances in Neural Information Processing Systems (2014)
Sharafaldin, I., Habibi Lashkari, A., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: 4th International Conference on Information Systems Security and Privacy (ICISSP) (2018)
Palatucci, M., Pomerleau, D., Hinton, G.E., Mitchell, T.M.: Zero-shot learning with semantic output codes. In: 23rd Annual Conference on Neural Information Processing Systems, pp. 1401–1408 (2009)
Acknowledgment
This work is supported by the Project of Beijing Municipal Science & Technology Plan under Grant No. Z191100007119001 and Z191100007119003.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Fan, Y., Li, Y., Cui, H., Yang, H., Zhang, Y., Wang, W. (2021). An Intrusion Detection Framework for IoT Using Partial Domain Adaptation. In: Lu, W., Sun, K., Yung, M., Liu, F. (eds) Science of Cyber Security. SciSec 2021. Lecture Notes in Computer Science(), vol 13005. Springer, Cham. https://doi.org/10.1007/978-3-030-89137-4_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-89137-4_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-89136-7
Online ISBN: 978-3-030-89137-4
eBook Packages: Computer ScienceComputer Science (R0)