Abstract
In response to the issue of insufficient model detection capability caused by the lack of labeled samples and the existence of new types of attacks in the industrial internet, a few-shot learning-based intrusion detection method is proposed.The method constructs the encoder of the prototypical network using a one-dimensional convolutional neural network (1D-CNN) and an attention mechanism, and employs the squared Euclidean distance function as the metric function to improve the prototypical network. This approach aims to enhance the accuracy of intrusion detection in scenarios with scarce labeled samples and the presence of new types of attacks.inally, simulation experiments are conducted on the few-shot learning-based intrusion detection system. The results demonstrate that the method achieves accuracy rates of 86.35% and 91.25% on the CIC-IDS 2017 and GasPipline datasets, respectively, while also exhibiting significant advantages in detecting new types of attacks.
Access this article
We’re sorry, something doesn't seem to be working properly.
Please try refreshing the page. If that doesn't work, please contact support so we can address the problem.
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs10207-024-00889-x/MediaObjects/10207_2024_889_Fig1_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs10207-024-00889-x/MediaObjects/10207_2024_889_Fig2_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs10207-024-00889-x/MediaObjects/10207_2024_889_Figa_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs10207-024-00889-x/MediaObjects/10207_2024_889_Fig3_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs10207-024-00889-x/MediaObjects/10207_2024_889_Fig4_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs10207-024-00889-x/MediaObjects/10207_2024_889_Fig5_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs10207-024-00889-x/MediaObjects/10207_2024_889_Fig6_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs10207-024-00889-x/MediaObjects/10207_2024_889_Fig7_HTML.png)
Similar content being viewed by others
Data availibility
The dataset analyzed during the current research period can be publicly available for free on the official website of the dataset.
References
Bhamare, D., Zolanvari, M., Erbad, A., Jain, R., Khan, K., Meskin, N.: Cybersecurity for industrial control systems: a survey. Comput. Secur. 89, 101677 (2020)
Serror, M., Hack, S., Henze, M., Schuba, M., Wehrle, K.: Challenges and opportunities in securing the industrial internet of things. IEEE Trans. Industr. Inf. 17(5), 2985–2996 (2020)
Kou, L., Ding, S., Rao, Y., Xu, W., Zhang, J.: A lightweight intrusion detection model for 5g-enabled industrial internet. Mobile Netw. Appl. 27(6), 2449–2458 (2022)
Yang, Y., Wu, L., Yin, G., Li, L., Zhao, H.: A survey on security and privacy issues in internet-of-things. IEEE Internet Things J. 4(5), 1250–1258 (2017)
Malik, S., Amin, J., Sharif, M., Yasmin, M., Kadry, S., Anjum, S.: Fractured elbow classification using hand-crafted and deep feature fusion and selection based on whale optimization approach. Mathematics 10(18), 3291 (2022)
Abu-Khzam, F.N., Abd El-Wahab, M.M., Haidous, M., Yosri, N.: Learning from obstructions: an effective deep learning approach for minimum vertex cover. Ann. Math. Artif. Intell. 1–12, (2022)
Tariq, U., Ahanger, T.A., Ibrahim, A., Bouteraa, Y.S.: The industrial internet of things (iiot): an anomaly identification and countermeasure method. J. Circuits Syst. Comput. 31(12), 2250219 (2022)
Sayour, M.H., Kozhaya, S.E., Saab, S.S., et al.: Autonomous robotic manipulation: real-time, deep-learning approach for grasping of unknown objects. J. Robot. 2022(1), 2585656 (2022)
Wang, J., Li, P., Kong, W., An, R.: Unknown security attack detection of industrial control system by deep learning. Mathematics 10(16), 2872 (2022)
Khan, I.A., Keshk, M., Pi, D., Khan, N., Hussain, Y., Soliman, H.: Enhancing iiot networks protection: a robust security model for attack detection in internet industrial control systems. Ad Hoc Netw. 134, 102930 (2022)
Krithivasan, K., Pravinraj, S., VS, S.S., et al.: Detection of cyberattacks in industrial control systems using enhanced principal component analysis and hypergraph-based convolution neural network (EPCA-HG-CNN). IEEE Trans. Ind. Appl. 56(4), 4394–4404 (2020)
Abid, A., Jemili, F., Korbaa, O.: Distributed deep learning approach for intrusion detection system in industrial control systems based on big data technique and transfer learning. J. Inf. Telecommun. 7(4), 513–541 (2023)
Meddeb, R., Jemili, F., Triki, B., Korbaa, O.: A deep learning-based intrusion detection approach for mobile ad-hoc network. Soft. Comput. 27(14), 9425–9439 (2023)
Altunay, H.C., Albayrak, Z.: A hybrid cnn+ lstm-based intrusion detection system for industrial iot networks. Eng. Sci. Technol., Int. J. 38, 101322 (2023)
Wang, Y., Yao, Q., Kwok, J.T., Ni, L.M.: Generalizing from a few examples: a survey on few-shot learning. ACM Comput Surv. (csur) 53(3), 1–34 (2020)
Das, S., Mullick, S.S., Zelinka, I.: On supervised class-imbalanced learning: an updated perspective and some key challenges. IEEE Trans. Artif. Intell. 3(6), 973–993 (2022)
Xu, C., Shen, J., Du, X.: A method of few-shot network intrusion detection based on meta-learning framework. IEEE Trans. Inf. Forensics Secur. 15, 3540–3552 (2020)
Hospedales, T., Antoniou, A., Micaelli, P., Storkey, A.: Meta-learning in neural networks: a survey. IEEE Trans. Pattern Anal. Mach. Intell. 44(9), 5149–5169 (2021)
Tian, X., Chen, L., Zhang, X., Chen, E.: Improved prototypical network model for forest species classification in complex stand. Remote Sens. 12(22), 3839 (2020)
Xiao, Y., Jin, Y., Hao, K.: Adaptive prototypical networks with label words and joint representation learning for few-shot relation classification. IEEE Trans. Neural Netw. Learn. Syst. 34(3), 1406–1417 (2021)
Zhou, X., Liang, W., Shimizu, S., Ma, J., Jin, Q.: Siamese neural network based few-shot learning for anomaly detection in industrial cyber-physical systems. IEEE Trans. Industr. Inf. 17(8), 5790–5798 (2020)
Yang, J., Li, H., Shao, S., Zou, F., Wu, Y.: Fs-ids: a framework for intrusion detection based on few-shot learning. Comput. Secur. 122, 102899 (2022)
Bedi, P., Gupta, N., Jindal, V.: Siam-ids: handling class imbalance problem in intrusion detection systems using siamese neural network. Procedia Comput. Sci. 171, 780–789 (2020)
Liang, W., Hu, Y., Zhou, X., Pan, Y., Kevin, I., Wang, K.: Variational few-shot learning for microservice-oriented intrusion detection in distributed industrial iot. IEEE Trans. Industr. Inf. 18(8), 5087–5095 (2021)
Iliyasu, A.S., Abdurrahman, U.A., Zheng, L.: Few-shot network intrusion detection using discriminative representation learning with supervised autoencoder. Appl. Sci. 12(5), 2351 (2022)
Snell, J., Swersky, K., Zemel, R.: Prototypical networks for few-shot learning. Adv. Neural Inf. Process. Syst.30 (2017)
Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A., et al.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp 1, 108–116 (2018)
Morris, T., Gao, W.: Industrial control system traffic data sets for intrusion detection research. In: Critical Infrastructure Protection VIII: 8th IFIP WG 11.10 International Conference, ICCIP 2014, Arlington, VA, USA, March 17-19, 2014, Revised Selected Papers 8. 65–78. Springer (2014)
Vinyals, O., Blundell, C., Lillicrap, T., Wierstra, D., et al.: Matching networks for one shot learning. Adv. Neural Inf. Process. Syst. 29 (2016)
Ingre, B., Yadav, A.: Performance analysis of nsl-kdd dataset using ann. In: 2015 international conference on signal processing and communication engineering systems. 92–96. IEEE (2015)
Funding
The research leading to these results received funding from the Key Research and Development and Promotion Special Project of Henan Province (Scientific and Technological Breakthrough) under Grant Agreement No232102211060. The research leading to these results received funding from the Joint Fund Project of Science and Technology Research and Development Plan of Henan Province (Application Research) under Grant Agreement No232103810042.
Author information
Authors and Affiliations
Contributions
Yahui Wang did protocol proposition, writing original draft, software development, and data collection and analysis. Zhiyong Zhang did review, editing, and supervision. Kejing Zhao did writing-review and editing. Peng Wang provided resources, did review. Ruirui Wang provided resources, did review.
Corresponding author
Ethics declarations
Declarations
I confirm that the work presented in this research article is original and has not been published elsewhere, nor is it under consideration for publication elsewhere.
Conflict of interest
Also, we have no Conflict of interest to disclose.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Wang, Y., Zhang, Z., Zhao, K. et al. A few-shot learning based method for industrial internet intrusion detection. Int. J. Inf. Secur. 23, 3241–3252 (2024). https://doi.org/10.1007/s10207-024-00889-x
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-024-00889-x