{"title":"Towards Efficient and Certified Recovery from Poisoning Attacks in Federated Learning","authors":"Yu Jiang, Jiyuan Shen, Ziyao Liu, Chee Wei Tan, Kwok-Yan Lam","doi":"10.1109/tifs.2025.3533907","DOIUrl":"https://doi.org/10.1109/tifs.2025.3533907","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"38 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-01-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143031011","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-01-24DOI: 10.1109/TIFS.2025.3533925
Xin Liu;Yichen Yang;Kun He;John E. Hopcroft
Though deep neural networks exhibit superior performance on various tasks, they are still plagued by adversarial examples. Adversarial training has been demonstrated to be the most effective method to defend against adversarial attacks. However, existing adversarial training methods show that the model robustness has apparent oscillations and overfitting issues in the training process, degrading the defense efficacy. To address these issues, we propose a novel framework called Parameter Interpolation Adversarial Training (PIAT). PIAT tunes the model parameters between each epoch by interpolating the parameters of the previous and current epochs. It makes the decision boundary of model change more moderate and alleviates the overfitting issue, helping the model converge better and achieving higher model robustness. In addition, we suggest using the Normalized Mean Square Error (NMSE) to further improve the robustness by aligning the relative magnitude of logits between clean and adversarial examples rather than the absolute magnitude. Extensive experiments conducted on several benchmark datasets demonstrate that our framework could prominently improve the robustness of both Convolutional Neural Networks (CNNs) and Vision Transformers (ViTs).
{"title":"Parameter Interpolation Adversarial Training for Robust Image Classification","authors":"Xin Liu;Yichen Yang;Kun He;John E. Hopcroft","doi":"10.1109/TIFS.2025.3533925","DOIUrl":"10.1109/TIFS.2025.3533925","url":null,"abstract":"Though deep neural networks exhibit superior performance on various tasks, they are still plagued by adversarial examples. Adversarial training has been demonstrated to be the most effective method to defend against adversarial attacks. However, existing adversarial training methods show that the model robustness has apparent oscillations and overfitting issues in the training process, degrading the defense efficacy. To address these issues, we propose a novel framework called Parameter Interpolation Adversarial Training (PIAT). PIAT tunes the model parameters between each epoch by interpolating the parameters of the previous and current epochs. It makes the decision boundary of model change more moderate and alleviates the overfitting issue, helping the model converge better and achieving higher model robustness. In addition, we suggest using the Normalized Mean Square Error (NMSE) to further improve the robustness by aligning the relative magnitude of logits between clean and adversarial examples rather than the absolute magnitude. Extensive experiments conducted on several benchmark datasets demonstrate that our framework could prominently improve the robustness of both Convolutional Neural Networks (CNNs) and Vision Transformers (ViTs).","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1613-1623"},"PeriodicalIF":6.3,"publicationDate":"2025-01-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143030792","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-01-24DOI: 10.1109/TIFS.2025.3533914
You Li;Yan Huo;Tianhui Zhang;Zhongguo Zhou;Qinghe Gao;Tao Yan;Yongning Yang;Tao Jing
The smart distribution grid (SDG), characterized by large-scale interconnections and strong dependence on information and communication technologies, is highly susceptible to potential security threats, such as spoofing attacks and man-in-the-middle attacks. These threats may lead to the leakage of sensitive user power-expenditure information, even cause great economic damage. Therefore, authentication is of utmost importance in guaranteeing the electrical safety of SDGs. In this paper, we present a distributed physical layer authentication (DPLA) scheme tailored for smart meter authentication. The scheme overcomes the limitations of traditional upper-layer cryptography-based mechanisms, and achieves lightweight continuous authentication in a cooperative manner. To fully exploit the channel information collected by collaborative nodes located in different azimuths, a CNN algorithm is designed for deep feature extraction. Moreover, a situational-aware dynamic weighted voting strategy is introduced to coordinate inconsistent opinions, thereby making unified decisions. Aimed at maximizing the integrated performance gains of DPLA, both long-term reputation and short-term performance are taken into account for node’s weight update. Finally, simulations are carried out. The results demonstrate that our scheme outperforms DPLAs based on static voting strategies with respect to authentication accuracy, anti-disturbance robustness and environmental adaptability; Hence, it caters to the demand for high-quality continuous authentication in SDGs.
{"title":"Distributed Physical Layer Authentication With Dynamic Soft Voting for Smart Distribution Grids","authors":"You Li;Yan Huo;Tianhui Zhang;Zhongguo Zhou;Qinghe Gao;Tao Yan;Yongning Yang;Tao Jing","doi":"10.1109/TIFS.2025.3533914","DOIUrl":"10.1109/TIFS.2025.3533914","url":null,"abstract":"The smart distribution grid (SDG), characterized by large-scale interconnections and strong dependence on information and communication technologies, is highly susceptible to potential security threats, such as spoofing attacks and man-in-the-middle attacks. These threats may lead to the leakage of sensitive user power-expenditure information, even cause great economic damage. Therefore, authentication is of utmost importance in guaranteeing the electrical safety of SDGs. In this paper, we present a distributed physical layer authentication (DPLA) scheme tailored for smart meter authentication. The scheme overcomes the limitations of traditional upper-layer cryptography-based mechanisms, and achieves lightweight continuous authentication in a cooperative manner. To fully exploit the channel information collected by collaborative nodes located in different azimuths, a CNN algorithm is designed for deep feature extraction. Moreover, a situational-aware dynamic weighted voting strategy is introduced to coordinate inconsistent opinions, thereby making unified decisions. Aimed at maximizing the integrated performance gains of DPLA, both long-term reputation and short-term performance are taken into account for node’s weight update. Finally, simulations are carried out. The results demonstrate that our scheme outperforms DPLAs based on static voting strategies with respect to authentication accuracy, anti-disturbance robustness and environmental adaptability; Hence, it caters to the demand for high-quality continuous authentication in SDGs.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1807-1821"},"PeriodicalIF":6.3,"publicationDate":"2025-01-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143031010","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Recently, numerous degraded images have flooded search engines and social networks, finding extensive and practical applications in the real world. However, these images have also posed new challenges to conventional image retrieval tasks. To this end, we introduce a new task of retrieving degraded images through deep hashing from large-scale databases, and further present the Locality-Sensitive Hashing Network (LSHNet) to tackle it in a self-supervised manner. More specifically, we first propose a triplet strategy to enable the self-supervised training of LSHNet in an end-to-end fashion. Due to the designed strategy, the highly semantic similarity and discrimination of degraded images are well-preserved in our learned latent codes without requiring additional human labor in labeling tons of degraded images. Moreover, to tackle large-scale image retrieval efficiently, we further propose to transform the latent codes into locality-sensitive hashing codes such that the degraded images can be retrieved in sublinear time with their representation ability almost unaffected. Extensive experiments are conducted on three public benchmarks where the results demonstrate the superior performance of LSHNet in retrieving similar images under degraded conditions.
{"title":"Self-Supervised Locality-Sensitive Deep Hashing for the Robust Retrieval of Degraded Images","authors":"Lingyun Xiang;Hailang Hu;Qian Li;Hao Yu;Xiaobo Shen","doi":"10.1109/TIFS.2025.3531104","DOIUrl":"10.1109/TIFS.2025.3531104","url":null,"abstract":"Recently, numerous degraded images have flooded search engines and social networks, finding extensive and practical applications in the real world. However, these images have also posed new challenges to conventional image retrieval tasks. To this end, we introduce a new task of retrieving degraded images through deep hashing from large-scale databases, and further present the Locality-Sensitive Hashing Network (LSHNet) to tackle it in a self-supervised manner. More specifically, we first propose a triplet strategy to enable the self-supervised training of LSHNet in an end-to-end fashion. Due to the designed strategy, the highly semantic similarity and discrimination of degraded images are well-preserved in our learned latent codes without requiring additional human labor in labeling tons of degraded images. Moreover, to tackle large-scale image retrieval efficiently, we further propose to transform the latent codes into locality-sensitive hashing codes such that the degraded images can be retrieved in sublinear time with their representation ability almost unaffected. Extensive experiments are conducted on three public benchmarks where the results demonstrate the superior performance of LSHNet in retrieving similar images under degraded conditions.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1582-1596"},"PeriodicalIF":6.3,"publicationDate":"2025-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143027167","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-01-23DOI: 10.1109/TIFS.2025.3531773
Xue Fu;Yu Wang;Yun Lin;Tomoaki Ohtsuki;Bamidele Adebisi;Guan Gui;Hikmet Sari
The rapid and widespread adoption of unmanned aerial vehicles (UAVs) poses significant threats to public safety and security in sensitive areas and subsequently underscores the urgent need for effective UAV surveillance solutions, where UAV classification emerges as a vital technology. Deep learning (DL) methods can autonomously extract implicit features from UAV signals and subsequently infer their types, provided that sufficient signal samples are available. Due to the high mobility of UAVs, it is challenging to ensure continuous monitoring between UAVs and the surveillance system to obtain sufficient samples. Moreover, DL models developed from sufficient but environment-specific datasets tend to be less generalized. This paper proposes a novel federated semantic regularization for learning an UAV classification model and further classifying UAVs across diverse environmental conditions. The approach enhances model generalization by regularizing semantic features during the local model training process on each participant. Subsequently, these local models are aggregated into a robust global model. Extensive testing across multiple environments demonstrates the superior classification performance of our approach compared to existing non-federated and federated approaches. The average classification accuracy of the proposed method in the three environments is 95.68%, which is improved by 13.39% compared to the non-federated methods and by 2.75% compared to the federated methods.
{"title":"Toward Collaborative and Cross-Environment UAV Classification: Federated Semantic Regularization","authors":"Xue Fu;Yu Wang;Yun Lin;Tomoaki Ohtsuki;Bamidele Adebisi;Guan Gui;Hikmet Sari","doi":"10.1109/TIFS.2025.3531773","DOIUrl":"10.1109/TIFS.2025.3531773","url":null,"abstract":"The rapid and widespread adoption of unmanned aerial vehicles (UAVs) poses significant threats to public safety and security in sensitive areas and subsequently underscores the urgent need for effective UAV surveillance solutions, where UAV classification emerges as a vital technology. Deep learning (DL) methods can autonomously extract implicit features from UAV signals and subsequently infer their types, provided that sufficient signal samples are available. Due to the high mobility of UAVs, it is challenging to ensure continuous monitoring between UAVs and the surveillance system to obtain sufficient samples. Moreover, DL models developed from sufficient but environment-specific datasets tend to be less generalized. This paper proposes a novel federated semantic regularization for learning an UAV classification model and further classifying UAVs across diverse environmental conditions. The approach enhances model generalization by regularizing semantic features during the local model training process on each participant. Subsequently, these local models are aggregated into a robust global model. Extensive testing across multiple environments demonstrates the superior classification performance of our approach compared to existing non-federated and federated approaches. The average classification accuracy of the proposed method in the three environments is 95.68%, which is improved by 13.39% compared to the non-federated methods and by 2.75% compared to the federated methods.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1624-1635"},"PeriodicalIF":6.3,"publicationDate":"2025-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143027185","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Location-based mobile services, while improving user daily life, also raise significant privacy concerns in the sharing of location data. These trajectories indicate users’ traveling behavioural traces with rich semantics derived from open-source information. Behavioral-semantic analysis reveals users’ travelling motivations and underlying behavioral patterns. It contributes to attackers launching inferential attacks for behavior prediction, identity identification, or other privacy invasions, even when the location data is protected. It remains open to the issues of behavioral-semantic privacy-risk quantification and privacy-protection evaluation. This paper aims to reveal such semantic privacy risks of user behaviors arising from the publication of location trajectories in mobile scenarios. We formalize user semantic-mobility process to analyze his underlying behavior patterns. Then, we design semantic inference algorithms conditional on the released trajectory to reason about the observation-based likelihood of the user’s actual staying and transfer behaviours and behavioural-trace tracking. Extensive experiments with real-world data demonstrate their performance on inference accuracy and semantic similarity, offering a quantification criterion for deploying mobile privacy protection.
{"title":"Quantifying Privacy Risks of Behavioral Semantics in Mobile Communication Services","authors":"Guoying Qiu;Tiecheng Bai;Guoming Tang;Deke Guo;Chuandong Li;Yan Gan;Baoping Zhou;Yulong Shen","doi":"10.1109/TIFS.2025.3533144","DOIUrl":"10.1109/TIFS.2025.3533144","url":null,"abstract":"Location-based mobile services, while improving user daily life, also raise significant privacy concerns in the sharing of location data. These trajectories indicate users’ traveling behavioural traces with rich semantics derived from open-source information. Behavioral-semantic analysis reveals users’ travelling motivations and underlying behavioral patterns. It contributes to attackers launching inferential attacks for behavior prediction, identity identification, or other privacy invasions, even when the location data is protected. It remains open to the issues of behavioral-semantic privacy-risk quantification and privacy-protection evaluation. This paper aims to reveal such semantic privacy risks of user behaviors arising from the publication of location trajectories in mobile scenarios. We formalize user semantic-mobility process to analyze his underlying behavior patterns. Then, we design semantic inference algorithms conditional on the released trajectory to reason about the observation-based likelihood of the user’s actual staying and transfer behaviours and behavioural-trace tracking. Extensive experiments with real-world data demonstrate their performance on inference accuracy and semantic similarity, offering a quantification criterion for deploying mobile privacy protection.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1908-1923"},"PeriodicalIF":6.3,"publicationDate":"2025-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143027184","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-01-23DOI: 10.1109/tifs.2025.3533141
Zhuoqun Yan, Wenfang Zhang, Xiaomin Wang, Muhammad Khurram Khan
{"title":"Comments on “VCD-FL: Verifiable, Collusion-Resistant, and Dynamic Federated Learning”","authors":"Zhuoqun Yan, Wenfang Zhang, Xiaomin Wang, Muhammad Khurram Khan","doi":"10.1109/tifs.2025.3533141","DOIUrl":"https://doi.org/10.1109/tifs.2025.3533141","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"29 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143026520","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-01-20DOI: 10.1109/tifs.2025.3531775
Lingzhi Zhao, Jianquan Lu, Yang Liu, Jungang Lou
{"title":"Dynamic event-triggered control for leader-following consensus of nonlinear multi-agent systems against malicious attacks","authors":"Lingzhi Zhao, Jianquan Lu, Yang Liu, Jungang Lou","doi":"10.1109/tifs.2025.3531775","DOIUrl":"https://doi.org/10.1109/tifs.2025.3531775","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"49 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142991445","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-01-20DOI: 10.1109/TIFS.2025.3530689
Manlin Wang;Yao Yao;Haiyang Ding;Shihai Shao;Bin Xia;Jiangzhou Wang
Covert communication is an important approach to ensure information security by hiding the transmission behavior. Space-domain-coding intelligent reflecting surface (SDC-IRS) can adjust the phase of the reflection signal for passive beamforming in angle domains, which is widely employed in covert communications. However, the gains by SDC-IRS vanish when the warder is proximal to the receiver in angle domains. To overcome this limitation, in this paper, the space-time-coding IRS (STC-IRS) is considered, which can adjust both the phase and the frequency of the reflection signal for passive beamforming in angle-distance domains. Specifically, system performance under STC-IRS and SDC-IRS is compared, revealing the essence that angle and distance discrimination for the receiver is achieved with STC-IRS. Further, to fully exploit STC-IRS, optimization problems are formulated to maximize the covert rate in both line-of-sight scenarios and Rician fading scenarios. To solve the above problems, penalty-based algorithms are proposed where the transmit power, the phase shift and the frequency shift at STC-IRS are optimized jointly with majorization-minimization and block successive upper bound minimization techniques. Considering more general and adverse cases, the proposed algorithms are also extended to the scenario with multiple warders. Simulation results demonstrate the superiority of the proposed scheme compared with other benchmarks. Especially, when the warder and the receiver overlap in angle domains, covert rates with STC-IRS exceed 3 bps by distance domain discrimination, whereas covert rates with SDC-IRS are less than 0.01 bps.
{"title":"Angle and Distance Discrimination by Utilizing Frequency Conversion Capability of STC-IRS for Covert Communications","authors":"Manlin Wang;Yao Yao;Haiyang Ding;Shihai Shao;Bin Xia;Jiangzhou Wang","doi":"10.1109/TIFS.2025.3530689","DOIUrl":"10.1109/TIFS.2025.3530689","url":null,"abstract":"Covert communication is an important approach to ensure information security by hiding the transmission behavior. Space-domain-coding intelligent reflecting surface (SDC-IRS) can adjust the phase of the reflection signal for passive beamforming in angle domains, which is widely employed in covert communications. However, the gains by SDC-IRS vanish when the warder is proximal to the receiver in angle domains. To overcome this limitation, in this paper, the space-time-coding IRS (STC-IRS) is considered, which can adjust both the phase and the frequency of the reflection signal for passive beamforming in angle-distance domains. Specifically, system performance under STC-IRS and SDC-IRS is compared, revealing the essence that angle and distance discrimination for the receiver is achieved with STC-IRS. Further, to fully exploit STC-IRS, optimization problems are formulated to maximize the covert rate in both line-of-sight scenarios and Rician fading scenarios. To solve the above problems, penalty-based algorithms are proposed where the transmit power, the phase shift and the frequency shift at STC-IRS are optimized jointly with majorization-minimization and block successive upper bound minimization techniques. Considering more general and adverse cases, the proposed algorithms are also extended to the scenario with multiple warders. Simulation results demonstrate the superiority of the proposed scheme compared with other benchmarks. Especially, when the warder and the receiver overlap in angle domains, covert rates with STC-IRS exceed 3 bps by distance domain discrimination, whereas covert rates with SDC-IRS are less than 0.01 bps.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1503-1518"},"PeriodicalIF":6.3,"publicationDate":"2025-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142991402","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In the era of zero trust security models and next-generation networks (NGN), the primary challenge is that network nodes may be untrusted, even if they have been verified, necessitating continuous validation and scrutiny. Effective intrusion detection systems (IDS) are crucial for continuously monitoring network traffic and identifying potential threats. However, traditional IDS approaches often struggle to keep pace with evolving threats, requiring extensive supervised training on labeled datasets. This limitation leads to high false positive rates, low detection accuracy, and a failure to provide real-time detection, thereby undermining the security of NGNs. This paper proposed the first self-supervised learning-based IDS, designed on temporal contrastive graph neural network (GNN), namely $mathsf{TCG}text{-}mathsf{IDS}$ . It innovatively integrates three contrastive learning strategies: temporal contrasting to capture temporal dependencies, asymmetric contrasting to account for the diverse interactions within network data, and masked contrasting to enhance the learning of node representations by masking parts of the data during training. Performance evaluation was conducted on two publicly available network traffic datasets, NF-CSE-CIC-IDS2018-V2 and NF-UNSW-NB15-V2. $mathsf{TCG}text{-}mathsf{IDS}$ achieved a balanced accuracy of 99.48% and 91.48% on two datasets respectively, significantly outperforming state-of-the-art graph learning models. In multi-class detection, $mathsf{TCG}text{-}mathsf{IDS}$ attained a mean false positive rate of 4.15% and 3.34% on the two datasets respectively. Besides, it exhibits high efficiency with its running time of 0.37s and 0.51s on the two datasets to predict per batch of 100 samples. Results highlight the effectiveness and efficiency of $mathsf{TCG}text{-}mathsf{IDS}$ in accurately detecting various types of network intrusions. This work significantly advances the field of network intrusion detection via self-supervised temporal graph learning, offering a promising solution for future network security systems.
{"title":" $mathsf{TCG}text{-}mathsf{IDS}$ : Robust Network Intrusion Detection via Temporal Contrastive Graph Learning","authors":"Cong Wu;Jianfei Sun;Jing Chen;Mamoun Alazab;Yang Liu;Yang Xiang","doi":"10.1109/TIFS.2025.3530702","DOIUrl":"10.1109/TIFS.2025.3530702","url":null,"abstract":"In the era of zero trust security models and next-generation networks (NGN), the primary challenge is that network nodes may be untrusted, even if they have been verified, necessitating continuous validation and scrutiny. Effective intrusion detection systems (IDS) are crucial for continuously monitoring network traffic and identifying potential threats. However, traditional IDS approaches often struggle to keep pace with evolving threats, requiring extensive supervised training on labeled datasets. This limitation leads to high false positive rates, low detection accuracy, and a failure to provide real-time detection, thereby undermining the security of NGNs. This paper proposed the first self-supervised learning-based IDS, designed on temporal contrastive graph neural network (GNN), namely <inline-formula> <tex-math>$mathsf{TCG}text{-}mathsf{IDS}$ </tex-math></inline-formula>. It innovatively integrates three contrastive learning strategies: temporal contrasting to capture temporal dependencies, asymmetric contrasting to account for the diverse interactions within network data, and masked contrasting to enhance the learning of node representations by masking parts of the data during training. Performance evaluation was conducted on two publicly available network traffic datasets, NF-CSE-CIC-IDS2018-V2 and NF-UNSW-NB15-V2. <inline-formula> <tex-math>$mathsf{TCG}text{-}mathsf{IDS}$ </tex-math></inline-formula> achieved a balanced accuracy of 99.48% and 91.48% on two datasets respectively, significantly outperforming state-of-the-art graph learning models. In multi-class detection, <inline-formula> <tex-math>$mathsf{TCG}text{-}mathsf{IDS}$ </tex-math></inline-formula> attained a mean false positive rate of 4.15% and 3.34% on the two datasets respectively. Besides, it exhibits high efficiency with its running time of 0.37s and 0.51s on the two datasets to predict per batch of 100 samples. Results highlight the effectiveness and efficiency of <inline-formula> <tex-math>$mathsf{TCG}text{-}mathsf{IDS}$ </tex-math></inline-formula> in accurately detecting various types of network intrusions. This work significantly advances the field of network intrusion detection via self-supervised temporal graph learning, offering a promising solution for future network security systems.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1475-1486"},"PeriodicalIF":6.3,"publicationDate":"2025-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142991343","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: