基于物联网网络特征影响的鲁棒分层异常检测

IF 4.1 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

ICT Express Pub Date : 2025-02-25 DOI:10.1016/j.icte.2025.02.009

Joohong Rheey, Hyunggon Park

{"title":"基于物联网网络特征影响的鲁棒分层异常检测","authors":"Joohong Rheey, Hyunggon Park","doi":"10.1016/j.icte.2025.02.009","DOIUrl":null,"url":null,"abstract":"<div><div>Security threats in Internet of Things (IoT) networks increased, but the lack of labeled data and limited resources hinder intrusion detection system design for IoT networks. We propose a robust hierarchical anomaly detection method based on a variational autoencoder for IoT networks. Our proposed approach includes a shallow detection stage for obvious outliers with an in-depth detection stage that explicitly measures the impact of individual features on latent representations using Shapley values, enhancing the ability to detect adversarial attacks without adversarial training. Simulations confirm the effectiveness against adversarial attacks, with almost 100% detection rates for NSL-KDD and CIC-IDS2017 datasets.</div></div>","PeriodicalId":48526,"journal":{"name":"ICT Express","volume":"11 2","pages":"Pages 358-363"},"PeriodicalIF":4.1000,"publicationDate":"2025-02-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Robust hierarchical anomaly detection using feature impact in IoT networks\",\"authors\":\"Joohong Rheey, Hyunggon Park\",\"doi\":\"10.1016/j.icte.2025.02.009\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>Security threats in Internet of Things (IoT) networks increased, but the lack of labeled data and limited resources hinder intrusion detection system design for IoT networks. We propose a robust hierarchical anomaly detection method based on a variational autoencoder for IoT networks. Our proposed approach includes a shallow detection stage for obvious outliers with an in-depth detection stage that explicitly measures the impact of individual features on latent representations using Shapley values, enhancing the ability to detect adversarial attacks without adversarial training. Simulations confirm the effectiveness against adversarial attacks, with almost 100% detection rates for NSL-KDD and CIC-IDS2017 datasets.</div></div>\",\"PeriodicalId\":48526,\"journal\":{\"name\":\"ICT Express\",\"volume\":\"11 2\",\"pages\":\"Pages 358-363\"},\"PeriodicalIF\":4.1000,\"publicationDate\":\"2025-02-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ICT Express\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2405959525000268\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ICT Express","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2405959525000268","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

物联网（IoT）网络中的安全威胁日益增加，但缺乏标记数据和有限的资源阻碍了物联网网络入侵检测系统的设计。我们提出了一种基于变分自编码器的物联网网络鲁棒分层异常检测方法。我们提出的方法包括一个针对明显异常值的浅检测阶段和一个使用Shapley值明确测量单个特征对潜在表征的影响的深度检测阶段，增强了在没有对抗性训练的情况下检测对抗性攻击的能力。模拟验证了对抗对抗性攻击的有效性，对NSL-KDD和CIC-IDS2017数据集的检测率几乎为100%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Robust hierarchical anomaly detection using feature impact in IoT networks

Security threats in Internet of Things (IoT) networks increased, but the lack of labeled data and limited resources hinder intrusion detection system design for IoT networks. We propose a robust hierarchical anomaly detection method based on a variational autoencoder for IoT networks. Our proposed approach includes a shallow detection stage for obvious outliers with an in-depth detection stage that explicitly measures the impact of individual features on latent representations using Shapley values, enhancing the ability to detect adversarial attacks without adversarial training. Simulations confirm the effectiveness against adversarial attacks, with almost 100% detection rates for NSL-KDD and CIC-IDS2017 datasets.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

ICT Express Multiple-

CiteScore

10.20

自引率

1.90%

发文量

167

审稿时长

35 weeks

期刊介绍： The ICT Express journal published by the Korean Institute of Communications and Information Sciences (KICS) is an international, peer-reviewed research publication covering all aspects of information and communication technology. The journal aims to publish research that helps advance the theoretical and practical understanding of ICT convergence, platform technologies, communication networks, and device technologies. The technology advancement in information and communication technology (ICT) sector enables portable devices to be always connected while supporting high data rate, resulting in the recent popularity of smartphones that have a considerable impact in economic and social development.