Visible to the public Feature-based transfer learning for network security

TitleFeature-based transfer learning for network security
Publication TypeConference Paper
Year of Publication2017
AuthorsZhao, J., Shetty, S., Pan, J. W.
Conference NameMILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM)
Date Publishedoct
KeywordsAnalytical models, artificial intelligence security, attack behaviors, common base classifier, computer security, different distribution, feature distribution, feature extraction, feature-based transfer learning technique, Human Behavior, Knowledge engineering, labeled datasets, labeled training sets, learned model, learned models, learning (artificial intelligence), machine learning, machine learning-based approaches, Metrics, network attack detection, network data, Network security, nonlabeled testing sets, pattern classification, pubcrawl, Resiliency, Robustness, Scalability, security of data, signature-based detection systems, supervised learning approaches, Testing, testing datasets, Training, training dataset, transfer learning, unseen attacks, unseen network attacks, unseen variants

New and unseen network attacks pose a great threat to the signature-based detection systems. Consequently, machine learning-based approaches are designed to detect attacks, which rely on features extracted from network data. The problem is caused by different distribution of features in the training and testing datasets, which affects the performance of the learned models. Moreover, generating labeled datasets is very time-consuming and expensive, which undercuts the effectiveness of supervised learning approaches. In this paper, we propose using transfer learning to detect previously unseen attacks. The main idea is to learn the optimized representation to be invariant to the changes of attack behaviors from labeled training sets and non-labeled testing sets, which contain different types of attacks and feed the representation to a supervised classifier. To the best of our knowledge, this is the first effort to use a feature-based transfer learning technique to detect unseen variants of network attacks. Furthermore, this technique can be used with any common base classifier. We evaluated the technique on publicly available datasets, and the results demonstrate the effectiveness of transfer learning to detect new network attacks.

Citation Keyzhao_feature-based_2017