基于迁移学习的入侵检测

2018 8th International Conference on Computer and Knowledge Engineering (ICCKE) Pub Date : 2018-10-01 DOI:10.1109/ICCKE.2018.8566601

Zahra Taghiyarrenani, A. Fanian, Ehsan Mahdavi, Abdolreza Mirzaei, Hamed Farsi

{"title":"基于迁移学习的入侵检测","authors":"Zahra Taghiyarrenani, A. Fanian, Ehsan Mahdavi, Abdolreza Mirzaei, Hamed Farsi","doi":"10.1109/ICCKE.2018.8566601","DOIUrl":null,"url":null,"abstract":"In the past decades, machine learning based intrusion detection systems have been developed. This paper discloses a new aspect of machine learning based intrusion detection systems. The proposed method detects normal and anomaly behaviors in the desired network where there are not any labeled samples as training dataset. That is while a plenty of labeled samples may exist in another network that is different from the desired network. Because of the difference between two networks, their samples produce in different manners. So, direct utilizing of labeled samples of a different network as training samples does not provide acceptable accuracy to detect anomaly behaviors in the desired network. In this paper, we propose a transfer learning based intrusion detection method which transfers knowledge between the networks and eliminates the problem of providing training samples that is a costly procedure. Comparing the experimental results with the results of a basic machine learning method (SVM) and also baseline method(DAMA) shows the effectiveness of the proposed method for transferring knowledge for intrusion detection systems.","PeriodicalId":283700,"journal":{"name":"2018 8th International Conference on Computer and Knowledge Engineering (ICCKE)","volume":"43 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"Transfer Learning Based Intrusion Detection\",\"authors\":\"Zahra Taghiyarrenani, A. Fanian, Ehsan Mahdavi, Abdolreza Mirzaei, Hamed Farsi\",\"doi\":\"10.1109/ICCKE.2018.8566601\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the past decades, machine learning based intrusion detection systems have been developed. This paper discloses a new aspect of machine learning based intrusion detection systems. The proposed method detects normal and anomaly behaviors in the desired network where there are not any labeled samples as training dataset. That is while a plenty of labeled samples may exist in another network that is different from the desired network. Because of the difference between two networks, their samples produce in different manners. So, direct utilizing of labeled samples of a different network as training samples does not provide acceptable accuracy to detect anomaly behaviors in the desired network. In this paper, we propose a transfer learning based intrusion detection method which transfers knowledge between the networks and eliminates the problem of providing training samples that is a costly procedure. Comparing the experimental results with the results of a basic machine learning method (SVM) and also baseline method(DAMA) shows the effectiveness of the proposed method for transferring knowledge for intrusion detection systems.\",\"PeriodicalId\":283700,\"journal\":{\"name\":\"2018 8th International Conference on Computer and Knowledge Engineering (ICCKE)\",\"volume\":\"43 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 8th International Conference on Computer and Knowledge Engineering (ICCKE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCKE.2018.8566601\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 8th International Conference on Computer and Knowledge Engineering (ICCKE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCKE.2018.8566601","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 18

摘要

在过去的几十年里，基于机器学习的入侵检测系统得到了发展。本文揭示了基于机器学习的入侵检测系统的一个新方面。该方法在没有任何标记样本作为训练数据集的情况下，检测期望网络中的正常和异常行为。也就是说，大量的标记样本可能存在于与期望网络不同的另一个网络中。由于两个网络之间的差异，它们的样本以不同的方式产生。因此，直接利用不同网络的标记样本作为训练样本并不能提供可接受的准确性来检测所需网络中的异常行为。在本文中，我们提出了一种基于迁移学习的入侵检测方法，该方法在网络之间传递知识，消除了提供训练样本这一昂贵过程的问题。将实验结果与基本机器学习方法(SVM)和基线方法(DAMA)的结果进行比较，表明了该方法在入侵检测系统中知识转移的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Transfer Learning Based Intrusion Detection

In the past decades, machine learning based intrusion detection systems have been developed. This paper discloses a new aspect of machine learning based intrusion detection systems. The proposed method detects normal and anomaly behaviors in the desired network where there are not any labeled samples as training dataset. That is while a plenty of labeled samples may exist in another network that is different from the desired network. Because of the difference between two networks, their samples produce in different manners. So, direct utilizing of labeled samples of a different network as training samples does not provide acceptable accuracy to detect anomaly behaviors in the desired network. In this paper, we propose a transfer learning based intrusion detection method which transfers knowledge between the networks and eliminates the problem of providing training samples that is a costly procedure. Comparing the experimental results with the results of a basic machine learning method (SVM) and also baseline method(DAMA) shows the effectiveness of the proposed method for transferring knowledge for intrusion detection systems.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 8th International Conference on Computer and Knowledge Engineering (ICCKE)

自引率

0.00%

发文量