DOI: 10.1145/3647444.3647874
research-article

Transfer Learning Method for Handling The Intrusion Detection System with Zero Attacks Using Machine Learning and Deep Learning

Published: 13 May 2024

Abstract

Due to the fast advancement of technology, cybercrime is also increasing in frequency and complexity. Since a variety of attacks evolve regularly with complex patterns and varied signatures, the task of securing cyberspace becomes more and more difficult and challenging. To minimize the impact of cybercrime through early detection of intrusions, network activity, in terms of network traffic, is monitored in real time, thus accumulating huge volumes of data, which are sometimes erroneous. In order to create efficient security algorithms for attack detection, it is crucial to combine the principles of cybersecurity with data analytics. Known attacks are detected by signature-based intrusion detection systems, but the success of these systems heavily depends on the feature engineering performed on the training data used to create attack signatures. In the context of Intrusion Detection Systems (IDS), most of the standard datasets have predominantly numeric data with a few categorical features, which calls for the exploration of appropriate methods for handling the few categorical features to develop a successful intrusion detection system. Intruders aim to create zero-day attacks, which are entirely unheard-of, to avoid being discovered. Standard machine-learning-based intrusion detection systems won't initially catch zero-day assaults since there is a dearth of labelled data. Since zero-day attacks are unknown attacks with an ever-evolving nature, it is very difficult to identify them, and it is also highly desirable to stop them.
Zero-day attacks are handled in two different scenarios: the first scenario, wherein minimal attack information is shared among the nodes of an Intrusion Detection Network (IDN), and the second scenario, wherein there is no labeled information at all related to the zero-day attack. Three security-related concerns are the focus of this research project: (i) efficient detection of existing attacks, (ii) early detection of novel attacks, and (iii) detection of zero-day attacks. The research suggests using a transfer learning strategy in order to counter zero-day assaults. To handle the first case, inductive transfer learning is necessary, but transductive transfer learning is needed to provide a framework for intrusion detection in the second scenario. In the context of IDN, a transfer learning framework is proposed for the early identification of new assaults. The proposed transfer learning framework leverages the few labeled examples of a new attack shared among the collaborative nodes of an IDN for the detection of new attacks. The Supervised Manifold Alignment methodology for Domain Unification is applied to circumvent the problem of heterogeneous feature spaces maintained by the different nodes of the IDN in the process of collaborative learning. Since most zero-day attacks are variants of existing attacks whose signatures are already recognized, in this thesis the authors propose a deep transductive transfer learning framework that applies transfer learning to carry over the knowledge acquired while learning the signatures of known attacks to the detection of zero-day attacks. The Unsupervised Manifold Alignment methodology for Domain Unification is proposed to transfer knowledge from the source domain through cluster correspondence.

Cited By

  • (2025) Detection of Zero-day Attacks via Sample Augmentation for the Internet of Vehicles. Vehicular Communications. 10.1016/j.vehcom.2025.100887 (100887). Online publication date: Jan-2025

    Published In

    ICIMMI '23: Proceedings of the 5th International Conference on Information Management & Machine Intelligence
    November 2023
    1215 pages

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. Intrusion
    2. attack
    3. learning
    4. transductive

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    ICIMMI 2023
