{"title":"基于自编码器损失归一化的迁移学习网络异常检测","authors":"Aviv Yehezkel, Eyal Elyashiv, Or Soffer","doi":"10.1145/3474369.3486869","DOIUrl":null,"url":null,"abstract":"Anomaly detection is a classic, long-term research problem. Previous attempts to solve it have used auto-encoders to learn a representation of the normal behaviour of networks and detect anomalies according to reconstruction loss. In this paper, we study the problem of anomaly detection in computer networks and propose the concept of \"auto-encoder losses transfer learning\". This approach normalizes auto-encoder losses in different model deployments, providing the ability to transform loss vectors of different networks with potentially significant varying characteristics, properties, and behaviors into a domain invariant representation. This is forwarded to a global detection model that can detect and classify threats in a generalized way that is agnostic to the specific network deployment, allowing for comprehensive network coverage.","PeriodicalId":411057,"journal":{"name":"Proceedings of the 14th ACM Workshop on Artificial Intelligence and Security","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":"{\"title\":\"Network Anomaly Detection Using Transfer Learning Based on Auto-Encoders Loss Normalization\",\"authors\":\"Aviv Yehezkel, Eyal Elyashiv, Or Soffer\",\"doi\":\"10.1145/3474369.3486869\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Anomaly detection is a classic, long-term research problem. Previous attempts to solve it have used auto-encoders to learn a representation of the normal behaviour of networks and detect anomalies according to reconstruction loss. In this paper, we study the problem of anomaly detection in computer networks and propose the concept of \\\"auto-encoder losses transfer learning\\\". This approach normalizes auto-encoder losses in different model deployments, providing the ability to transform loss vectors of different networks with potentially significant varying characteristics, properties, and behaviors into a domain invariant representation. This is forwarded to a global detection model that can detect and classify threats in a generalized way that is agnostic to the specific network deployment, allowing for comprehensive network coverage.\",\"PeriodicalId\":411057,\"journal\":{\"name\":\"Proceedings of the 14th ACM Workshop on Artificial Intelligence and Security\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-11-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"13\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 14th ACM Workshop on Artificial Intelligence and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3474369.3486869\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 14th ACM Workshop on Artificial Intelligence and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3474369.3486869","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Network Anomaly Detection Using Transfer Learning Based on Auto-Encoders Loss Normalization
Anomaly detection is a classic, long-term research problem. Previous attempts to solve it have used auto-encoders to learn a representation of the normal behaviour of networks and detect anomalies according to reconstruction loss. In this paper, we study the problem of anomaly detection in computer networks and propose the concept of "auto-encoder losses transfer learning". This approach normalizes auto-encoder losses in different model deployments, providing the ability to transform loss vectors of different networks with potentially significant varying characteristics, properties, and behaviors into a domain invariant representation. This is forwarded to a global detection model that can detect and classify threats in a generalized way that is agnostic to the specific network deployment, allowing for comprehensive network coverage.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
