DP-ADA: Differentially Private Adversarial Domain Adaptation for Training Deep Learning based Network Intrusion Detection Systems

Abstract

Recent work has shown that deep learning (DL) techniques are highly effective for assisting network intrusion detection systems (NIDS) in identifying attacks on networks. Training DL classification models, however, requires vast amounts of labeled data which is often expensive and time-consuming to collect. Also, DL models trained using data from one type of network may not be able to identify attacks on other types of network or identify new families of attacks discovered over time. In this paper, we introduce a differentially private adversarial DA (DP-ADA) workflow which allows organizations to share their labeled data with other organizations in a privacy preserving way. This workflow allows for more collaboration and sharing, so that more effective DL based NIDS models can be created for deployment on different types of networks and can detect newer attack families with very little effort. Our solution provides a much better performance than fine-tuning based transfer learning mechanism and almost matches the performance of adversarial DA when the actual source dataset is used, while at the same time reducing the size of data shared between the two parties. Our solution also provides privacy protection for heterogeneous DA, where source and target datasets have different feature dimensions.