Jianliang Ruan scite author profile

In today's cyberspace, network traffic is more massive, complex, and multi-dimensional than ever before. In order to capture malicious network attacks, a machine learning-based network intrusion detection system (NIDS) has become the mainstream method. However, there are still high false-positive and false-negative rates, which cannot guarantee detection accuracy. On the one hand, normal behaviour dominates the Internet, and network traffic presents uneven distribution. On the other hand, the goal of machine learning algorithms is usually to obtain the highest overall accuracy without considering class-imbalanced. It is difficult for the model to learn good performance from a few attack examples. Training the model with an imbalanced data distribution often leads to severe overfitting and severely damages the model's generalization ability. To improve class-imbalanced learning in network intrusion detection, it is necessary to capture the similarities between samples in different classes and compare them with samples in other classes. Based on this, we propose ConFlow, a supervised contrastive learning method for network intrusion detection. First, we design a feature extraction encoder for bidirectional network flow, and add GELU, LayerNorm, and Skip-connection units to the MLP framework, which can enhance the representation ability of the neural network. Then, we use the dropout layer's randomness in the encoder for data augmentation, and different vector representations can be obtained by feeding the same network flow into the encoder twice. Lastly, through the weighted supervised contrastive loss and cross-entropy loss in the training phase. The ConFlow method can improve class-imbalanced learning and does not need the two stages of pre-training and fine-tuning, which can further mine maliciously attacks hidden under normal traffic. The experimental results on the ISCX-IDS2012 and CSE-CIC-IDS2017 datasets show that the ConFlow outperforms other works, and the performance improvement on few-shot learning and robustness test is more significant. The reference PyTorch code is released at https://github.com/AshinWang/ConFlow.

show abstract

Efficient Coded-Block Delivery and Caching in Information-Centric Networking

Liu

Cai

Zhao

et al. 2020

Discrete Dynamics in Nature and Society

View full text Add to dashboard Cite

Information-centric networking (ICN) provides request aggregation and caching strategies that can improve network performance by reducing content server loads and network traffic. Incorporating network coding into ICN can offer several benefits, but a consumer may receive the same coded block from multiple content routers since the coded block may be cached by any of the content routers on its forwarding path. In this paper, we introduce a request-specific coded-block scheme to avoid linear dependency of blocks that are utilizing in-network caching. Additionally, a non-cooperative coded caching and replacement strategy is designed to guarantee that the cached blocks can be reused. Our experimental results show that the proposed scheme has superior performance to conventional CCN and two network coding-based ICN schemes.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Jianliang Ruan

Toward Fuzz Test Based on Protocol Reverse Engineering

ConFlow: Contrast Network Flow Improving Class-Imbalanced Learning in Network Intrusion Detection

Efficient Coded-Block Delivery and Caching in Information-Centric Networking

Contact Info

Product

Resources

About