A Novel Transfer Learning Model for Intrusion Detection Systems in IoT Networks

Vu, L; Nguyen, QU; Hoang, DT; Nguyen, DN; Dutkiewicz, E

A Novel Transfer Learning Model for Intrusion Detection Systems in IoT Networks

Vu, L Nguyen, QU Hoang, DT Nguyen, DN Dutkiewicz, E

Permalink

Publisher:: Springer
Publication Type:: Chapter
Citation:: Emerging Trends in Cybersecurity Applications, 2023, pp. 45-65
Issue Date:: 2023-01-01

Embargoed

	Filename	Description	Size
	3.pdf	Accepted version	711.68 kB	Adobe PDF	View/Open

Copyright Clearance Process

Recently Added
In Progress
Embargoed
Open Access

This item is currently unavailable due to the publisher's embargo.

The embargo period expires on 6 Jul 2024

Full metadata record

Field	Value	Language
dc.contributor.author	Vu, L
dc.contributor.author	Nguyen, QU
dc.contributor.author	Hoang, DT
dc.contributor.author	Nguyen, DN
dc.contributor.author	Dutkiewicz, E https://orcid.org/0000-0002-4268-9286
dc.date.accessioned	2023-08-27T08:57:26Z
dc.date.available	2023-08-27T08:57:26Z
dc.date.issued	2023-01-01
dc.identifier.citation	Emerging Trends in Cybersecurity Applications, 2023, pp. 45-65
dc.identifier.isbn	9783031096396
dc.identifier.uri	http://hdl.handle.net/10453/171840
dc.description.abstract	Internet of Things, or IoT has been playing an important part in human’s lives. Nonetheless, the rapid growth of IoT-based services may lead to an increase in IoT-based attacks that compromise sensitive user data. IoT-based attack detection and prevention is thus essential for the development of IoT-based network technologies. However, this is a difficult task because the data transmitted between IoT devices is often complex and heterogeneous while IoT-based threats/attacks change rapidly over time. Machine learning-based threat detection methods, which are trained with old/existing labelled data, may become less effective in the future. For that, it is critical to develop effective learning models that can leverage both labelled and unlabelled data to timely adapt with the fast-varying attack methods. To this end, this chapter proposes a Deep Transfer Learning (DTL) model to build an effective IoT attack detection model from both labelled and unlabelled data collected from multiple IoT devices. The proposed solution combines the Multi-Maximum Mean Discrepancy (M2D) distance and two AutoEncoder (AE) networks named as Multi-Maximum Mean Discrepancy AutoEncoder (M2DA). The first AE is trained on labelled IoT data, while the second AE is trained on unlabelled IoT data. The purpose of the training process is to transfer the learned label information from the first AE to the second AE by the M2D distance. As a result, the second AE can efficiently classify and detect anomaly (attacks) even on unlabelled IoT network data. We further study the performance of the proposed M2DA framework using nine well-known commercial IoT datasets with different botnet families and attacks.
dc.format.extent	20
dc.language	en
dc.publisher	Springer
dc.relation.ispartof	Emerging Trends in Cybersecurity Applications
dc.relation.isbasedon	10.1007/978-3-031-09640-2_3
dc.rights	info:eu-repo/semantics/embargoedAccess
dc.title	A Novel Transfer Learning Model for Intrusion Detection Systems in IoT Networks
dc.type	Chapter
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Strength - GBDTC - Global Big Data Technologies
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Electrical and Data Engineering
utslib.copyright.status	embargoed	*
pubs.consider-herdc	false
utslib.copyright.embargo	2024-07-06T00:00:00+1000Z
dc.date.updated	2023-08-27T08:57:25Z
pubs.place-of-publication	Switzerland
pubs.publication-status	Published
dc.location	Switzerland

Abstract:

Internet of Things, or IoT has been playing an important part in human’s lives. Nonetheless, the rapid growth of IoT-based services may lead to an increase in IoT-based attacks that compromise sensitive user data. IoT-based attack detection and prevention is thus essential for the development of IoT-based network technologies. However, this is a difficult task because the data transmitted between IoT devices is often complex and heterogeneous while IoT-based threats/attacks change rapidly over time. Machine learning-based threat detection methods, which are trained with old/existing labelled data, may become less effective in the future. For that, it is critical to develop effective learning models that can leverage both labelled and unlabelled data to timely adapt with the fast-varying attack methods. To this end, this chapter proposes a Deep Transfer Learning (DTL) model to build an effective IoT attack detection model from both labelled and unlabelled data collected from multiple IoT devices. The proposed solution combines the Multi-Maximum Mean Discrepancy (M2D) distance and two AutoEncoder (AE) networks named as Multi-Maximum Mean Discrepancy AutoEncoder (M2DA). The first AE is trained on labelled IoT data, while the second AE is trained on unlabelled IoT data. The purpose of the training process is to transfer the learned label information from the first AE to the second AE by the M2D distance. As a result, the second AE can efficiently classify and detect anomaly (attacks) even on unlabelled IoT network data. We further study the performance of the proposed M2DA framework using nine well-known commercial IoT datasets with different botnet families and attacks.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/171840