Papers
Topics
Authors
Recent
Search
2000 character limit reached

Improving Transferability of Network Intrusion Detection in a Federated Learning Setup

Published 7 Jan 2024 in cs.CR, cs.LG, and eess.SP | (2401.03560v1)

Abstract: Network Intrusion Detection Systems (IDS) aim to detect the presence of an intruder by analyzing network packets arriving at an internet connected device. Data-driven deep learning systems, popular due to their superior performance compared to traditional IDS, depend on availability of high quality training data for diverse intrusion classes. A way to overcome this limitation is through transferable learning, where training for one intrusion class can lead to detection of unseen intrusion classes after deployment. In this paper, we provide a detailed study on the transferability of intrusion detection. We investigate practical federated learning configurations to enhance the transferability of intrusion detection. We propose two techniques to significantly improve the transferability of a federated intrusion detection system. The code for this work can be found at https://github.com/ghosh64/transferability.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (14)
  1. Koc, Levent and Mazzuchi, Thomas A and Sarkani, Shahram, “A network intrusion detection system based on a Hidden Naïve Bayes multiclass classifier,” Expert Systems with Applications, vol. 39, no. 18, pp. 13 492–13 500, 2012.
  2. Alkasassbeh, Mouhammd and Al-Naymat, Ghazi and Hassanat, Ahmad BA and Almseidin, Mohammad, “Detecting distributed denial of service attacks using data mining techniques,” International Journal of Advanced Computer Science and Applications, vol. 7, no. 1, 2016.
  3. Vinayakumar, Ravi and Alazab, Mamoun and Soman, KP and Poornachandran, Prabaharan and Al-Nemrat, Ameer and Venkatraman, Sitalakshmi, “Deep learning approach for intelligent intrusion detection system,” IEEE Access, vol. 7, pp. 41 525–41 550, 2019.
  4. Barnard, Pieter and Marchetti, Nicola and DaSilva, Luiz A, “Robust Network Intrusion Detection through Explainable Artificial Intelligence (XAI),” IEEE Networking Letters, vol. 4, no. 3, pp. 167–171, 2022.
  5. Koroniotis, Nickolaos and Moustafa, Nour and Sitnikova, Elena and Turnbull, Benjamin, “Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot-iot dataset,” Future Generation Computer Systems, vol. 100, pp. 779–796, 2019.
  6. Verkerken, Miel and D’hooge, Laurens and Wauters, Tim and Volckaert, Bruno and De Turck, Filip, “Towards model generalization for intrusion detection: Unsupervised machine learning techniques,” Journal of Network and Systems Management, vol. 30, no. 1, pp. 1–25, 2022.
  7. Catillo, Marta and Del Vecchio, Andrea and Pecchia, Antonio and Villano, Umberto, “Transferability of machine learning models learned from public intrusion detection datasets: the CICIDS2017 case study,” Software Quality Journal, pp. 1–27, 2022.
  8. S. A. Rahman, H. Tout, C. Talhi, and A. Mourad, “Internet of things intrusion detection: Centralized, on-device, or federated learning?” IEEE Network, vol. 34, no. 6, pp. 310–317, 2020.
  9. B. Xue, H. Zhao, and W. Yao, “Deep transfer learning for iot intrusion detection,” in 2022 3rd International Conference on Computing, Networks and Internet of Things (CNIOT).   IEEE, 2022, pp. 88–94.
  10. P. Ruzafa-Alcázar, P. Fernández-Saura, E. Mármol-Campos, A. González-Vidal, J. L. Hernández-Ramos, J. Bernal-Bernabe, and A. F. Skarmeta, “Intrusion detection based on privacy-preserving federated learning for the industrial iot,” IEEE Transactions on Industrial Informatics, vol. 19, no. 2, pp. 1145–1154, 2021.
  11. H. B. McMahan, E. Moore, D. Ramage, S. Hampson, and B. A. y. Arcas, “Communication-efficient learning of deep networks from decentralized data,” 2016. [Online]. Available: https://arxiv.org/abs/1602.05629
  12. Ghosh, Shreya and Mahdee Jameel, Abu Shafin Mohammad and El Gamal, Aly, “An Analysis of Transferability in Network Intrusion Detection using Distributed Deep Learning,” in The First Tiny Papers Track at ICLR 2023.   Tiny Papers @ ICLR 2023, 2023.
  13. Sharafaldin, Iman and Lashkari, Arash Habibi and Ghorbani, Ali A, “Toward generating a new intrusion detection dataset and intrusion traffic characterization.” in ICISSp, 2018, pp. 108–116.
  14. Diederik P. Kingma and Jimmy Ba, “Adam: A Method for Stochastic Optimization,” CoRR, vol. abs/1412.6980, 2014.

Summary

No one has generated a summary of this paper yet.

Sign Up to Summarize

Paper to Video (Beta)

No one has generated a video about this paper yet.

Sign Up to Generate All Videos Subscribe on YouTube

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Sign Up to Generate

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Generate Now

Continue Learning

We haven't generated follow-up questions for this paper yet.

Generate Now

Collections

Sign up for free to add this paper to one or more collections.

Sign Up