Skip to main content
Springer Nature Link
Log in

Network Anomaly Detection Using Federated Learning and Transfer Learning

  • Conference paper
  • First Online:
Security and Privacy in Digital Economy (SPDE 2020)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1268))

Included in the following conference series:

  • 2691 Accesses

Abstract

Since deep neural networks can learn data representation from training data automatically, deep learning methods are widely used in the network anomaly detection. However, challenges of deep learning-based anomaly detection methods still exist, the major of which is the training data scarcity problem. In this paper, we propose a novel network anomaly detection method (NAFT) using federated learning and transfer learning to overcome the data scarcity problem. In the first learning stage, a people or organization \(O_t\), who intends to conduct a detection model for a specific attack, can join in the federated learning with a similar training task to learn basic knowledge from other participants’ training data. In the second learning stage, \(O_t\) uses the transfer learning method to reconstruct and re-train the model to further improve the detection performance on the specific task. Experiments conducted on the UNSW-NB15 dataset show that the proposed method can achieve a better anomaly detection performance than other baseline methods when training data is scarce.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Brewer, R.: Ransomware attacks: detection, prevention and cure. Network Secur. 2016(9), 5–9 (2016)

    Article  Google Scholar 

  2. Carlin, D., Burgess, J., O’Kane, P., Sezer, S.: You could be mine (d): the rise of cryptojacking. IEEE Secur. Priv. 18(2), 16–22 (2019)

    Article  Google Scholar 

  3. Shui, Y., Zhou, W., Jia, W., Guo, S., Xiang, Y., Tang, F.: Discriminating ddos attacks from flash crowds using flow correlation coefficient. IEEE Trans. Parallel Distrib. Syst. 23(6), 1073–1080 (2011)

    Google Scholar 

  4. Shui, Y., Zhou, W., Doss, R., Jia, W.: Traceback of ddos attacks using entropy variations. IEEE Trans. Parallel Distrib. Syst. 22(3), 412–425 (2010)

    Google Scholar 

  5. Shui, Y., Zhou, W., Guo, S., Guo, M.: A feasible ip traceback framework through dynamic deterministic packet marking. IEEE Trans. Comput. 65(5), 1418–1427 (2015)

    MathSciNet  MATH  Google Scholar 

  6. Yu, S., Tian, Y., Guo, S., Wu, D.O.: Can we beat ddos attacks in clouds? IEEE Trans. Parallel Distrib. Syst. 25(9), 2245–2254 (2013)

    Article  Google Scholar 

  7. Bhuyan, M.H., Bhattacharyya, D.K., Kalita, J.K.: Network anomaly detection: methods, systems and tools. IEEE Commun. Surv. Tutorials 16(1), 303–336 (2013)

    Article  Google Scholar 

  8. McMahan, HB., et al.: Communication-efficient learning of deep networks from decentralized data (2016). arXiv preprint arXiv:1602.05629

  9. Konečnỳ, J., McMahan, H.B., Yu, F.X., Richtárik, P., Suresh, A.T., Bacon, D.: Federated learning: Strategies for improving communication efficiency (2016). arXiv preprint arXiv:1610.05492

  10. Lin, Z., Shi, Y., Xue, Z.: IDSGAN: Generative adversarial networks for attack generation against intrusion detection (2018). arXiv preprint arXiv:1809.02077

  11. Usama, M., et al.: Generative adversarial networks for launching and thwarting adversarial attacks on network intrusion detection systems. In: 2019 15th International Wireless Communications and Mobile Computing Conference (IWCMC), pp. 78–83. IEEE (2019)

    Google Scholar 

  12. Shui, Y., Guo, S., Stojmenovic, I.: Fool me if you can: mimicking attacks and anti-attacks in cyberspace. IEEE Trans. Comput. 64(1), 139–151 (2013)

    MathSciNet  MATH  Google Scholar 

  13. Shui, Y.: Big privacy: challenges and opportunities of privacy study in the age of big data. IEEE Access 4, 2751–2763 (2016)

    Article  Google Scholar 

  14. Shui, Y., Liu, M., Dou, W., Liu, X., Zhou, S.: Networking for big data: a survey. IEEE Commun. Surv. Tutorials 19(1), 531–549 (2016)

    Google Scholar 

  15. Bakopoulou, E., Tillman, B., Markopoulou, A.: A federated learning approach for mobile packet classification (2019). arXiv preprint arXiv:1907.13113

  16. Zhao, Y., Chen, J., Wu, D., Teng, J., Yu, S.: Multi-task network anomaly detection using federated learning. In: Proceedings of the Tenth International Symposium on Information and Communication Technology, pp. 273–279 (2019)

    Google Scholar 

  17. Weiss, K., Khoshgoftaar, T.M., Wang, D.D.: A survey of transfer learning. J. Big Data 3(1), 1–40 (2016). https://doi.org/10.1186/s40537-016-0043-6

    Article  Google Scholar 

  18. Pan, S.J., Yang, Q., Sinno Jialin Pan and Qiang Yang: A survey on transfer learning. IEEE Transactions on knowledge and data engineering 22(10), 1345–1359 (2009)

    Article  Google Scholar 

  19. Chen, Y., Wang, J., Yu, C., Gao, W., Qin, X.: Fedhealth: A federated transfer learning framework for wearable healthcare (2019). arXiv preprint arXiv:1907.09173

  20. Wu, P., Guo, H., Buckland, R.: A transfer learning approach for network intrusion detection. In: 2019 IEEE 4th International Conference on Big Data Analytics (ICBDA), pp. 281–285. IEEE (2019)

    Google Scholar 

  21. Singla, A., Bertino, E., Verma, D.: Overcoming the lack of labeled data: Training intrusion detection models using transfer learning. In: 2019 IEEE International Conference on Smart Computing (SMARTCOMP), pp. 69–74. IEEE (2019)

    Google Scholar 

  22. Maas, A.L., Hannun, A.Y., Ng, A.Y.: Rectifier nonlinearities improve neural network acoustic models. In: Proceedings of the International Conference on Machine Learning, vol. 30, p. 3 (2013)

    Google Scholar 

  23. Qu, Y., et al.: Decentralized privacy using blockchain-enabled federated learning in fog computing. IEEE Internet Things J. 7, 6 (2020)

    Article  Google Scholar 

  24. Yang, Q., Liu, Y., Chen, T., Tong, Y.: Federated machine learning: Concept and applications. ACM Trans. Intell. Syst. Technol. (TIST) 10(2), 1–19 (2019)

    Article  Google Scholar 

  25. Moustafa, N., Slay, J.: UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: 2015 Military Communications and Information Systems Conference (MilCIS), pp. 1–6. IEEE (2015)

    Google Scholar 

  26. Chollet, F., et al.: Keras (2015). https://github.com/fchollet/keras

  27. Tzeng, E., Hoffman, J., Saenko, K., Darrell, T.: Adversarial discriminative domain adaptation. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 7167–7176 (2017)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. College of Information Science and Technology, Beijing University of Chemical Technology, Beijing, 100029, China

    Ying Zhao & Junjun Chen

  2. Library, Beijing University of Chemical Technology, Beijing, 100029, China

    Qianling Guo

  3. Center for Information, Beijing University of Chemical Technology, Beijing, 100029, China

    Jian Teng

  4. School of Computer Science, University of Technology Sydney, Sydney, NSW, 2194, Australia

    Di Wu

Authors
  1. Ying Zhao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Junjun Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Qianling Guo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jian Teng
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Di Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jian Teng .

Editor information

Editors and Affiliations

  1. University of Technology Sydney, Sydney, NSW, Australia

    Shui Yu

  2. IBM Zurich Research Laboratory, Zurich, Switzerland

    Peter Mueller

  3. Ningbo University, Ningbo, China

    Jiangbo Qian

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Zhao, Y., Chen, J., Guo, Q., Teng, J., Wu, D. (2020). Network Anomaly Detection Using Federated Learning and Transfer Learning. In: Yu, S., Mueller, P., Qian, J. (eds) Security and Privacy in Digital Economy. SPDE 2020. Communications in Computer and Information Science, vol 1268. Springer, Singapore. https://doi.org/10.1007/978-981-15-9129-7_16

Download citation

  • DOI: https://doi.org/10.1007/978-981-15-9129-7_16

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-9128-0

  • Online ISBN: 978-981-15-9129-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics