A multi-task based deep learning approach for intrusion detection

Liu, Q; Wang, D; Jia, Y; Luo, S; Wang, C

A multi-task based deep learning approach for intrusion detection

Liu, Q Wang, D Jia, Y Luo, S Wang, C

Permalink

Publisher:: Elsevier
Publication Type:: Journal Article
Citation:: Knowledge-Based Systems, 2022, 238, (-), pp. 107852
Issue Date:: 2022-02-28

Closed Access

	Filename	Description	Size
	1-s2.0-S0950705121010340-main.pdf	Published version	1.65 MB	Adobe PDF	View/Open

Copyright Clearance Process

Recently Added
In Progress
Closed Access

This item is closed access and not available.

Full metadata record

Field	Value	Language
dc.contributor.author	Liu, Q
dc.contributor.author	Wang, D
dc.contributor.author	Jia, Y
dc.contributor.author	Luo, S
dc.contributor.author	Wang, C
dc.date.accessioned	2023-05-26T05:33:01Z
dc.date.available	2023-05-26T05:33:01Z
dc.date.issued	2022-02-28
dc.identifier.citation	Knowledge-Based Systems, 2022, 238, (-), pp. 107852
dc.identifier.issn	0950-7051
dc.identifier.uri	http://hdl.handle.net/10453/170482
dc.description.abstract	With the frequent occurrence of cyber security incidents intrusion detection system IDS has been payed more and more attention recently However detecting attacks from traffic data stream accurately is rather challenging The great diversity and variation of network intrusions make the intrusion feature extraction difficult and the serious imbalanced class distribution makes common classifiers cannot work properly Traditional methods for intrusion detection suffer from some obvious drawbacks Classic machine learning based methods seriously depend on the pre defined features automatic feature learning based methods usually overfit the training data and neglect the problem of imbalanced data distribution and the unsupervised learning based methods are not suitable for dealing with multi class classification of attacks In this paper to understand the characteristics of network traffic clearly we analyze the class distribution of classic intrusion datasets through visualization Based on the observed characteristics we innovatively propose exploiting distinctive features of each type of traffic from three perspectives namely anomaly identification clustering and classification We consider the feature learning in each perspective as a single task then propose three models to fulfill three tasks namely an Autoencoder based contrastive learning model a supervised learning based clustering model and MLP based classifier and we also develop a unified framework to integrate three models for accomplishing intrusion detection comprehensively Additionally we propose a customized loss function to deal with imbalanced distribution of traffic data Finally we conduct extensive experiments on three classic intrusion detection datasets The results demonstrate that the proposed method can outperform the state of art methods on both binary and multi class classification 2021 Elsevier B V
dc.language	en
dc.publisher	Elsevier
dc.relation.ispartof	Knowledge-Based Systems
dc.relation.isbasedon	10.1016/j.knosys.2021.107852
dc.rights	info:eu-repo/semantics/closedAccess
dc.subject	08 Information and Computing Sciences, 15 Commerce, Management, Tourism and Services, 17 Psychology and Cognitive Sciences
dc.subject.classification	Artificial Intelligence & Image Processing
dc.title	A multi-task based deep learning approach for intrusion detection
dc.type	Journal Article
utslib.citation.volume	238
utslib.for	08 Information and Computing Sciences
utslib.for	15 Commerce, Management, Tourism and Services
utslib.for	17 Psychology and Cognitive Sciences
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Business
utslib.copyright.status	closed_access	*
pubs.consider-herdc	false
dc.date.updated	2023-05-26T05:33:00Z
pubs.issue	-
pubs.publication-status	Published
pubs.volume	238
utslib.citation.issue	-

Abstract:

With the frequent occurrence of cyber security incidents intrusion detection system IDS has been payed more and more attention recently However detecting attacks from traffic data stream accurately is rather challenging The great diversity and variation of network intrusions make the intrusion feature extraction difficult and the serious imbalanced class distribution makes common classifiers cannot work properly Traditional methods for intrusion detection suffer from some obvious drawbacks Classic machine learning based methods seriously depend on the pre defined features automatic feature learning based methods usually overfit the training data and neglect the problem of imbalanced data distribution and the unsupervised learning based methods are not suitable for dealing with multi class classification of attacks In this paper to understand the characteristics of network traffic clearly we analyze the class distribution of classic intrusion datasets through visualization Based on the observed characteristics we innovatively propose exploiting distinctive features of each type of traffic from three perspectives namely anomaly identification clustering and classification We consider the feature learning in each perspective as a single task then propose three models to fulfill three tasks namely an Autoencoder based contrastive learning model a supervised learning based clustering model and MLP based classifier and we also develop a unified framework to integrate three models for accomplishing intrusion detection comprehensively Additionally we propose a customized loss function to deal with imbalanced distribution of traffic data Finally we conduct extensive experiments on three classic intrusion detection datasets The results demonstrate that the proposed method can outperform the state of art methods on both binary and multi class classification 2021 Elsevier B V

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/170482