A multi-task based deep learning approach for intrusion detection

Publisher:
Elsevier
Publication Type:
Journal Article
Citation:
Knowledge-Based Systems, 2022, 238, (-), pp. 107852
Issue Date:
2022-02-28
Filename Description Size
1-s2.0-S0950705121010340-main.pdfPublished version1.65 MB
Adobe PDF
Full metadata record
With the frequent occurrence of cyber security incidents intrusion detection system IDS has been payed more and more attention recently However detecting attacks from traffic data stream accurately is rather challenging The great diversity and variation of network intrusions make the intrusion feature extraction difficult and the serious imbalanced class distribution makes common classifiers cannot work properly Traditional methods for intrusion detection suffer from some obvious drawbacks Classic machine learning based methods seriously depend on the pre defined features automatic feature learning based methods usually overfit the training data and neglect the problem of imbalanced data distribution and the unsupervised learning based methods are not suitable for dealing with multi class classification of attacks In this paper to understand the characteristics of network traffic clearly we analyze the class distribution of classic intrusion datasets through visualization Based on the observed characteristics we innovatively propose exploiting distinctive features of each type of traffic from three perspectives namely anomaly identification clustering and classification We consider the feature learning in each perspective as a single task then propose three models to fulfill three tasks namely an Autoencoder based contrastive learning model a supervised learning based clustering model and MLP based classifier and we also develop a unified framework to integrate three models for accomplishing intrusion detection comprehensively Additionally we propose a customized loss function to deal with imbalanced distribution of traffic data Finally we conduct extensive experiments on three classic intrusion detection datasets The results demonstrate that the proposed method can outperform the state of art methods on both binary and multi class classification 2021 Elsevier B V
Please use this identifier to cite or link to this item: