Few-shot weakly-supervised cybersecurity anomaly detection

Cited by: 3
Authors
Kale, Rahul [1]
Thing, Vrizlynn L. L. [1]
Affiliations
[1] ST Engn, Singapore, Singapore
Keywords
Cybersecurity; Anomaly detection; Machine learning; Few-shot learning; Weakly-supervised learning; LEARNING-BASED MODEL;
DOI
10.1016/j.cose.2023.103194
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
With increased reliance on Internet-based technologies, cyberattacks compromising users' sensitive data are becoming more prevalent. The scale and frequency of these attacks are escalating rapidly, affecting systems and devices connected to the Internet. The traditional defense mechanisms may not be sufficiently equipped to handle the complex and ever-changing new threats. The significant breakthroughs in machine learning methods, including deep learning, have attracted interest from the cybersecurity research community for further enhancements in the existing anomaly detection methods. Unfortunately, collecting labelled anomaly data for all new evolving and sophisticated attacks is not practical. Training and tuning the machine learning model for anomaly detection using only a handful of labelled data samples is a pragmatic approach. Therefore, few-shot weakly supervised anomaly detection is an encouraging research direction. In this paper, we propose an enhancement to an existing few-shot weakly-supervised deep learning anomaly detection framework. This framework incorporates data augmentation, representation learning and ordinal regression. We then evaluated and showed the performance of our implemented framework on three benchmark datasets: NSL-KDD, CIC-IDS2018, and TON_IoT. (c) 2023 Elsevier Ltd. All rights reserved.
Pages: 10