Weakly-supervised IDS with abnormal-preserving transformation learning

Abstract

Abstract: Network intrusion detection systems are crucial for maintaining network security, and there is currently limited research on intrusion detection scenarios with only a few abnormal markers of network data. This paper designs a weakly-supervised learning intrusion detection model, called WIDS-APL, based on the anomaly retention of data. The detection model consists of four parts: data transformation layer, representation learning layer, transformation classification layer, and anomaly discrimination layer. By using a set of learnable encoders to map samples to different regions and compress them into a hypersphere, the label information of abnormal samples is used to learn the classification boundaries of normal and abnormal samples, and the abnormal score of the samples is obtained. Testing the WIDS-APL system on four datasets demonstrates the effectiveness and robustness of the system, with improvements in the AUC-ROC values of 4.80%, 5.96%, 1.58%, and 1.73% respectively compared to other mainstream methods. Furthermore, there are enhancements of 15.03%, 2.95%, 4.71%, and 9.23% in AUC-PR performance.

Key words: network intrusion detection, weakly-supervised learning, deep learning

TAN Yu-song, WANG Wei, JIAN Song-lei, YI Chao-xiong. Weakly-supervised IDS with abnormal-preserving transformation learning[J]. Computer Engineering & Science, 2024, 46(05): 801-809.

References ［21］

［1］	蹇诗婕，卢志刚，杜丹，等.网络入侵检测技术综述［J］.信息安全学报，2020，5（4）:96-122.
	Jian Shi-jie, Lu Zhi-gang, Du Dan,et al. Overview of network intrusion detection technology［J］. Journal of Cyber Security,2020,5(4):96-122.
［2］	Gamage S,Samarabandu J.Deep learning methods in network intrusion detection:A survey and an objective comparison ［J］.Journal of Network and Computer Applications,2020,169:102767.
［3］	Salo F,Nassif A B,Essex A.Dimensionality reduction with IG-PCA and ensemble classifier for network intrusion detection ［J］.Computer Networks,2019,148:164-175.
［4］	An J,Cho S.Variational autoencoder based anomaly detection using reconstruction probability ［J］.Special Lecture on IE,2015,2 (1):1-18.
［5］	Zong B,Song Q,Min M R,et al.Deep autoencoding Gaussian mixture model for unsupervised anomaly detection ［C］∥Proc of International Conference on Learning Representations,2018:1-19.
［6］	Zhao Y,Hryniewicki M K.XGBOD:Improving supervised outlier detection with unsupervised representation learning ［C］∥Proc of 2018 International Joint Conference on Neural Networks,2018:1-8.
［7］	Ruff L, Vandermeulen R A, Grnitz N, et al.Deep semi- supervised anomaly detection ［J］.arXiv:1906.02694,2019.
［8］	Ruff L,Vandermeulen R,Grnitz N,et al.Deep one-class classification ［C］∥Proc of the 35th International Conference on Machine Learning,2018:4393-4402.
［9］	Pang G,Cao L,Chen L,et al.Learning representations of ultrahigh dimensional data for random distance-based outlier detection ［C］∥Proc of the 24th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining,2018:2041-2050.
［10］	Pang G,Shen C,van den Hengel A.Deep anomaly detection with deviation networks ［C］∥Proc of the 25th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining,2019:353-362.
［11］	Pang G S,Shen C H,Jin H D,et al.Deep weakly-supervised anomaly detection ［J］.arXiv:1910.13601,2019.
［12］	Zhou Y,Song X,Zhang Y,et al.Feature encoding with autoencoders for weakly supervised anomaly detection ［J］.IEEE Transactions on Neural Networks and Learning Systems,2021,33(6):2454-2465.
［13］	Grnitz N,Kloft M,Rieck K,et al.Toward supervised anomaly detection ［J］.Journal of Artificial Intelligence Research,2013,46:235-262.
［14］	Huang T,Chen P,Li R. A semi-supervised VAE based active anomaly detection framework in multivariate time series for online systems ［C］∥Proc of the ACM Web Confe- rence,2022:1797-1806.
［15］	Zha D,Lai K-H,Wan M,et al.Meta-AAD:Active anomaly detection with deep reinforcement learning ［C］∥Proc of 2020 IEEE International Conference on Data Mining,2020:771-780.
［16］	Pang G,van den Hengel A,Shen C,et al.Toward deep supervised anomaly detection:Reinforcement learning from partially labeled anomaly data ［C］∥Proc of the 27th ACM SIGKDD Conference on Knowledge Discovery & Data Mining,2021:1298-1308.
［17］	Tavallaee M,Bagheri E,Lu W,et al.A detailed analysis of the KDD CUP 99 data set ［C］∥Proc of 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications,2009:1-6.
［18］	Moustafa N,Slay J.UNSW-NB15:A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set) ［C］∥Proc of 2015 Military Communications and Information Systems Conference,2015:1-6.
［19］	Kim J,Shin Y,Choi E.An intrusion detection model based on a convolutional neural network ［J］.Journal of Multimedia Information System,2019,6(4):165-172.
［20］	Goldstein M, Dengel A. Histogram-based outlier score (HBOS):A fast unsupervised anomaly detection algorithm ［C］∥Proc of KI-2012:Poster and Demo Track,2012:1-5.
［21］	Liu F T,Ting K M,Zhou Z-H.Isolation-based anomaly detection ［J］.ACM Transactions on Knowledge Discovery from Data,2012,6(1):Article No.:3.

[1]	JI Xu-rui, WEI De-jian, ZHANG Jun-zhong, ZHANG Shuai, CAO Hui. Research progress on information extraction methods of Chinese electronic medical records [J]. Computer Engineering & Science, 2024, 46(02): 325-337.
[2]	QIU Xiao-meng, WANG Lin, GU Wen-jun, SONG Wei, TIAN Hao-lai, HU Yu. A time series image semantic segmentation model modified by optical flow [J]. Computer Engineering & Science, 2024, 46(01): 102-110.
[3]	LI Zhuo-xuan, ZHOU Ya-tong. iSFF-DBNet:An improved text detection algorithm in e-commerce images [J]. Computer Engineering & Science, 2023, 45(11): 2008-2017.
[4]	MA Zhi-feng, ZHANG Hao, LIU Jie. A survey of precipitation nowcasting based on deep learning [J]. Computer Engineering & Science, 2023, 45(10): 1731-1753.
[5]	MA Si-yuan, JIAO Jia-hui, REN Sheng-qi, SONG Wei. Missing value filling for multi-variable urban air quality data based on attention mechanism [J]. Computer Engineering & Science, 2023, 45(08): 1354-1364.
[6]	XU Ru-zhi, WANG Shuo, LONG Yan, ZONG Qi-zhuo. Research on a step-by-step adversarial defense method for image recognition [J]. Computer Engineering & Science, 2023, 45(06): 1020-1029.
[7]	DENG Shan-shan, HUANG Hui, MA Yan. A small object detection algorithm based on improved Faster R-CNN [J]. Computer Engineering & Science, 2023, 45(05): 869-877.
[8]	DONG Pei-jie, NIU Xin, WEI Zi-mian, CHEN Xue-hui. Review of one-shot neural architecture search [J]. Computer Engineering & Science, 2023, 45(02): 191-203.
[9]	LIU Cong-jun, XU Jia-chen, XIAO Zhi-yong, CHAI Zhi-lei. An automatic cardiac magnetic resonance image segmentation algorithm based on deep learning [J]. Computer Engineering & Science, 2022, 44(09): 1646-1654.
[10]	HE Tao, SHI Hui-li, LI Da-liang. Deep learning-based SAR target recognition on DSP [J]. Computer Engineering & Science, 2022, 44(08): 1357-1363.
[11]	GOU Song, ZHAO Xu-yan, HOU Song, LI Wei. A mask detection method based on multi-scale optimized awareness network [J]. Computer Engineering & Science, 2022, 44(08): 1440-1448.
[12]	LIU Li-man, TAN Long-yu, PENG Yuan, LIU Jia. Semantic segmentation of 3D point cloud based on all fusion network [J]. Computer Engineering & Science, 2022, 44(05): 862-869.
[13]	LU Kai-liang. Advances in deep learning methods for pavement crack detection and identification with visual images [J]. Computer Engineering & Science, 2022, 44(04): 674-685.
[14]	QIU Zeng-hui, HE Ming-jie, LIN Zheng-kui. A named entity recognition method for online shopping comments based on deep learning [J]. Computer Engineering & Science, 2020, 42(12): 2287-2294.

Weakly-supervised IDS with abnormal-preserving transformation learning

PDF

Knowledge

Abstract

Cite this article

share this article

References ［21］

Related Articles 14

Recommended Articles

Metrics

Comments