Xu Yu;Yan Lu;Feng Jiang;Qiang Hu;Junwei Du;Dunwei Gong
{"title":"A Cross-Domain Intrusion Detection Method Based on Nonlinear Augmented Explicit Features","authors":"Xu Yu;Yan Lu;Feng Jiang;Qiang Hu;Junwei Du;Dunwei Gong","doi":"10.1109/TNSM.2024.3444909","DOIUrl":null,"url":null,"abstract":"The purpose of Intrusion Detection Systems (IDS) is to identify security issues in data transmitted by various devices and communication protocols. For domains with sparse data, such as the Internet of Things (IoT), cross-domain models are applied to solve the sparse problem by transfer knowledge from the source domain with rich data to the target domain. However, most of the cross-domain intrusion detection methods map different explicit features in the source and target domains to implicit features in a common implicit space, which weakens the interpretability of these methods. To enhance the interpretability of cross-domain models, we propose a Cross-Domain Intrusion Detection Method Based on Nonlinear Augmented Explicit Features (NAEF). Specifically, we augment the feature space of the source and target domains as the combination of shared features, source domain specific features and target domain specific features. Moreover, we model the nonlinear mapping relationship from shared features to special features in the source and target domains separately. Then, the original features in the source and target domains are mapped to uniform explicit features in the augmented space by migration of the nonlinear mapping relationship. Additionally, a classifier based on ensemble learning and attention mechanism balances the data distribution and selects important features to enhance detection performance. Our experimental results demonstrate the effectiveness of the proposed NAEF method on four public datasets.","PeriodicalId":13423,"journal":{"name":"IEEE Transactions on Network and Service Management","volume":"22 1","pages":"187-197"},"PeriodicalIF":4.7000,"publicationDate":"2024-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Network and Service Management","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10638131/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
The purpose of Intrusion Detection Systems (IDS) is to identify security issues in data transmitted by various devices and communication protocols. For domains with sparse data, such as the Internet of Things (IoT), cross-domain models are applied to solve the sparse problem by transfer knowledge from the source domain with rich data to the target domain. However, most of the cross-domain intrusion detection methods map different explicit features in the source and target domains to implicit features in a common implicit space, which weakens the interpretability of these methods. To enhance the interpretability of cross-domain models, we propose a Cross-Domain Intrusion Detection Method Based on Nonlinear Augmented Explicit Features (NAEF). Specifically, we augment the feature space of the source and target domains as the combination of shared features, source domain specific features and target domain specific features. Moreover, we model the nonlinear mapping relationship from shared features to special features in the source and target domains separately. Then, the original features in the source and target domains are mapped to uniform explicit features in the augmented space by migration of the nonlinear mapping relationship. Additionally, a classifier based on ensemble learning and attention mechanism balances the data distribution and selects important features to enhance detection performance. Our experimental results demonstrate the effectiveness of the proposed NAEF method on four public datasets.
期刊介绍:
IEEE Transactions on Network and Service Management will publish (online only) peerreviewed archival quality papers that advance the state-of-the-art and practical applications of network and service management. Theoretical research contributions (presenting new concepts and techniques) and applied contributions (reporting on experiences and experiments with actual systems) will be encouraged. These transactions will focus on the key technical issues related to: Management Models, Architectures and Frameworks; Service Provisioning, Reliability and Quality Assurance; Management Functions; Enabling Technologies; Information and Communication Models; Policies; Applications and Case Studies; Emerging Technologies and Standards.