Haedam Kim, Suhyun Park, Hyemin Hong, Jieun Park, Seongmin Kim
{"title":"A Transferable Deep Learning Framework for Improving the Accuracy of Internet of Things Intrusion Detection","authors":"Haedam Kim, Suhyun Park, Hyemin Hong, Jieun Park, Seongmin Kim","doi":"10.3390/fi16030080","DOIUrl":null,"url":null,"abstract":"As the size of the IoT solutions and services market proliferates, industrial fields utilizing IoT devices are also diversifying. However, the proliferation of IoT devices, often intertwined with users’ personal information and privacy, has led to a continuous surge in attacks targeting these devices. However, conventional network-level intrusion detection systems with pre-defined rulesets are gradually losing their efficacy due to the heterogeneous environments of IoT ecosystems. To address such security concerns, researchers have utilized ML-based network-level intrusion detection techniques. Specifically, transfer learning has been dedicated to identifying unforeseen malicious traffic in IoT environments based on knowledge distillation from the rich source domain data sets. Nevertheless, since most IoT devices operate in heterogeneous but small-scale environments, such as home networks, selecting adequate source domains for learning proves challenging. This paper introduces a framework designed to tackle this issue. In instances where assessing an adequate data set through pre-learning using transfer learning is non-trivial, our proposed framework advocates the selection of a data set as the source domain for transfer learning. This selection process aims to determine the appropriateness of implementing transfer learning, offering the best practice in such scenarios. Our evaluation demonstrates that the proposed framework successfully chooses a fitting source domain data set, delivering the highest accuracy.","PeriodicalId":509567,"journal":{"name":"Future Internet","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2024-02-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Future Internet","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3390/fi16030080","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
As the size of the IoT solutions and services market proliferates, industrial fields utilizing IoT devices are also diversifying. However, the proliferation of IoT devices, often intertwined with users’ personal information and privacy, has led to a continuous surge in attacks targeting these devices. However, conventional network-level intrusion detection systems with pre-defined rulesets are gradually losing their efficacy due to the heterogeneous environments of IoT ecosystems. To address such security concerns, researchers have utilized ML-based network-level intrusion detection techniques. Specifically, transfer learning has been dedicated to identifying unforeseen malicious traffic in IoT environments based on knowledge distillation from the rich source domain data sets. Nevertheless, since most IoT devices operate in heterogeneous but small-scale environments, such as home networks, selecting adequate source domains for learning proves challenging. This paper introduces a framework designed to tackle this issue. In instances where assessing an adequate data set through pre-learning using transfer learning is non-trivial, our proposed framework advocates the selection of a data set as the source domain for transfer learning. This selection process aims to determine the appropriateness of implementing transfer learning, offering the best practice in such scenarios. Our evaluation demonstrates that the proposed framework successfully chooses a fitting source domain data set, delivering the highest accuracy.
随着物联网解决方案和服务市场规模的扩大,利用物联网设备的工业领域也在不断丰富。然而,物联网设备的激增往往与用户的个人信息和隐私息息相关,导致针对这些设备的攻击不断激增。然而,由于物联网生态系统的异构环境,具有预定义规则集的传统网络级入侵检测系统正逐渐失去其功效。为了解决这些安全问题,研究人员利用了基于 ML 的网络级入侵检测技术。具体来说,迁移学习致力于基于从丰富的源领域数据集中提炼的知识,识别物联网环境中不可预见的恶意流量。然而,由于大多数物联网设备在异构但小规模的环境(如家庭网络)中运行,因此选择适当的源域进行学习具有挑战性。本文介绍了一个旨在解决这一问题的框架。在通过使用迁移学习进行预学习来评估适当的数据集并非易事的情况下,我们提出的框架主张选择一个数据集作为迁移学习的源域。这一选择过程旨在确定实施迁移学习的适当性,为此类情况提供最佳实践。我们的评估表明,建议的框架成功地选择了一个合适的源域数据集,提供了最高的准确率。