An Intrusion Detection Model With Hierarchical Attention Mechanism

Liu, Chang; Liu, Yang; Yan, Yu; Ji, Wang

doi:10.1109/access.2020.2983568

Cited by 47 publications

(31 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The training phase learns the features distribution and generates a model able to detect patterns. Then, in the testing phase, the model is applied to detect any abnormality [135][136][137]. This section builds taxonomy for different ML techniques that can be used in the IDS context .…”

Section: Machine Learningmentioning

confidence: 99%

A Comprehensive Survey on Intrusion Detection based Machine Learning for IoT Networks

Mliki¹,

Kaceam²,

Fourati³

2021

ICST Transactions on Security and Safety

View full text Add to dashboard Cite

The Internet of things (IoT) is a new ubiquitous technology that relies on heterogeneous devices and protocols. The IoT technologies are expected to offer a new level of connectivity thanks to its smart devices able to enhance everyday tasks and facilitate smart decisions based on sensed data. The IoT could collect sensitive data and should be able to face attacks and privacy issues. The IoT security issue is a hot topic of research and industrial concern. Indeed, threats against IoT devices and services could cause security breaches and data leakage. Aiming to identify attempts to abuse the IoT systems and mitigate malicious events, this paper studied the Intrusion Detection Systems (IDS) based on Machine Learning (ML) techniques. The ML approach could provide good tools to detect novel intrusion activities in a timely manner. This paper, therefore, highlighted the related issues to develop secured and efficient IoT services. It tried to allow a comprehensive review of IoT features and design. It mainly focused on intrusion detection based on the machine learning schema and built a taxonomy of different IoT attacks and threats. This paper also compared between the different intrusion detection techniques and established a taxonomy of machine leaning methods for intrusion detection solutions.

show abstract

Section: Machine Learningmentioning

confidence: 99%

A Comprehensive Survey on Intrusion Detection based Machine Learning for IoT Networks

Mliki¹,

Kaceam²,

Fourati³

2021

ICST Transactions on Security and Safety

View full text Add to dashboard Cite

show abstract

“…In order to obtain high accuracy, high packet detection rate, and low false positive rate of AID-S, Iwendi et al [11] proposed a CFS + Ensemble Classifiers. Besides, Jiang et al [12] proposed the PSO-XGBoost model given its overall higher classification accuracy than other alternative models such like XGBoost, Random Forest, Bagging and Adaboost and Liu et al [13] presented an intrusion detection model with hierarchical attention mechanism.…”

Section: A Intrusion Detection Systemmentioning

confidence: 99%

The Effective Methods for Intrusion Detection With Limited Network Attack Data: Multi-Task Learning and Oversampling

et al. 2020

View full text Add to dashboard Cite

Recently, many anomaly intrusion detection algorithms have been developed and applied in network security. These algorithms achieve high detection rate on many classical datasets. However, most of them failed to address two challenges: 1) imbalanced traffic data with limited network attack, 2) multiple data sources that are distributed in different terminals. In detail, those algorithms assume that there are sufficient network traffic data to train their models for intrusion detection. Due to the network attack traffic is always scarce in the real-world network, this assumption is difficult to satisfy in most cases. In this paper, we use Multi-Task Learning (MTL) and oversampling methods to address those challenges of network intrusion detection. Firstly, we use the MTL method to treat each terminal as a single task, and then use relevant information between different terminals to help learn every single task. Meanwhile, we use the oversampling method to overcome the minority problem of attacks. Through a series of experiments on the latest UNSW-NB15 and CICIDS2018 datasets, this paper verifies the effectiveness of MTL and oversampling methods for network intrusion detection with limited network attack data, where they achieve more than 90% detection rate in different experimental settings.

show abstract

“…A RTIFICIAL Intelligence provides powerful solutions for improving cybersecurity in general, and intrusion detection systems [1], [2] in particular due to improvement in attack detection rates, precision, and recall as well as the reduction in false positives and negatives. Such techniques have also been applied successfully in network analytics to analyze complex encrypted traffic flows [3], [4].…”

Section: Introductionmentioning

confidence: 99%

Building an Intrusion Detection System to Detect Atypical Cyberattack Flows

et al. 2021

View full text Add to dashboard Cite

Artificial Intelligence (AI) techniques provide effective solutions for the detection of many aberrant network traffic patterns and attack flows. However, the validation of these techniques often relies on one training dataset. Recent results show that such training may fail in the face of dynamically-changing cyberattacks. Given the increased sophistication of cyberattacks nowadays, it is imperative to examine and improve the performance of such AI models. This paper proposes a defensive AI engine combined with a twofold feature selection technique and hyperparameter optimization of the AI model. In this work, we utilize the proposed system for binary attack flow identification and the AI models are trained and validated on the CICIDS2017 dataset. The system is then evaluated using synthesized atypical attack flows to mimic real-world scenarios. We demonstrate the effectiveness of the proposed atypical attack flow detection approach using several Deep Learning and Machine Learning models including DNN, Linear-SVC, and Stacked Decision Tree Classifier (S-DTC). Simulation results demonstrate that the proposed defensive AI engine significantly improves the True Positive Rate (TPR) of AI models on multiple atypical attacks.

show abstract

An Intrusion Detection Model With Hierarchical Attention Mechanism

Cited by 47 publications

References 46 publications

A Comprehensive Survey on Intrusion Detection based Machine Learning for IoT Networks

A Comprehensive Survey on Intrusion Detection based Machine Learning for IoT Networks

The Effective Methods for Intrusion Detection With Limited Network Attack Data: Multi-Task Learning and Oversampling

Building an Intrusion Detection System to Detect Atypical Cyberattack Flows

Contact Info

Product

Resources

About