Feature-based transfer learning for network security
| Title | Feature-based transfer learning for network security |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Zhao, J., Shetty, S., Pan, J. W. |
| Conference Name | MILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM) |
| Date Published | oct |
| Keywords | Analytical models, artificial intelligence security, attack behaviors, common base classifier, computer security, different distribution, feature distribution, feature extraction, feature-based transfer learning technique, Human Behavior, Knowledge engineering, labeled datasets, labeled training sets, learned model, learned models, learning (artificial intelligence), machine learning, machine learning-based approaches, Metrics, network attack detection, network data, Network security, nonlabeled testing sets, pattern classification, pubcrawl, Resiliency, Robustness, Scalability, security of data, signature-based detection systems, supervised learning approaches, Testing, testing datasets, Training, training dataset, transfer learning, unseen attacks, unseen network attacks, unseen variants |
| Abstract | New and unseen network attacks pose a great threat to the signature-based detection systems. Consequently, machine learning-based approaches are designed to detect attacks, which rely on features extracted from network data. The problem is caused by different distribution of features in the training and testing datasets, which affects the performance of the learned models. Moreover, generating labeled datasets is very time-consuming and expensive, which undercuts the effectiveness of supervised learning approaches. In this paper, we propose using transfer learning to detect previously unseen attacks. The main idea is to learn the optimized representation to be invariant to the changes of attack behaviors from labeled training sets and non-labeled testing sets, which contain different types of attacks and feed the representation to a supervised classifier. To the best of our knowledge, this is the first effort to use a feature-based transfer learning technique to detect unseen variants of network attacks. Furthermore, this technique can be used with any common base classifier. We evaluated the technique on publicly available datasets, and the results demonstrate the effectiveness of transfer learning to detect new network attacks. |
| URL | http://ieeexplore.ieee.org/document/8170749/ |
| DOI | 10.1109/MILCOM.2017.8170749 |
| Citation Key | zhao_feature-based_2017 |
- signature-based detection systems
- network data
- network security
- nonlabeled testing sets
- pattern classification
- pubcrawl
- Resiliency
- Robustness
- Scalability
- security of data
- network attack detection
- supervised learning approaches
- testing
- testing datasets
- Training
- training dataset
- transfer learning
- unseen attacks
- unseen network attacks
- unseen variants
- Knowledge engineering
- artificial intelligence security
- attack behaviors
- common base classifier
- computer security
- different distribution
- feature distribution
- feature extraction
- feature-based transfer learning technique
- Human behavior
- Analytical models
- labeled datasets
- labeled training sets
- learned model
- learned models
- learning (artificial intelligence)
- machine learning
- machine learning-based approaches
- Metrics