ConFlow: Contrast Network Flow Improving Class-Imbalanced Learning in Network Intrusion Detection

Liu, Lan; Wang, Pengcheng; Ruan, Jianliang; Lin, Jun

doi:10.21203/rs.3.rs-1572776/v1

Cited by 3 publications

(1 citation statement)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [56], the authors suggest a technique that contrasts network traffic in order to improve class-imbalanced learning in network intrusion detection. The dropout layer's randomness is used to produce various feature vectors, the model is inputted twice with the same flow, and supervised CL and cross-entropy are used to train the model.…”

Section: Distribution Shift Challenges and Responsementioning

confidence: 99%

On the Robustness of ML-Based Network Intrusion Detection Systems: An Adversarial and Distribution Shift Perspective

Wang,

Yang,

Gunasinghe

et al. 2023

Computers

View full text Add to dashboard Cite

Utilizing machine learning (ML)-based approaches for network intrusion detection systems (NIDSs) raises valid concerns due to the inherent susceptibility of current ML models to various threats. Of particular concern are two significant threats associated with ML: adversarial attacks and distribution shifts. Although there has been a growing emphasis on researching the robustness of ML, current studies primarily concentrate on addressing specific challenges individually. These studies tend to target a particular aspect of robustness and propose innovative techniques to enhance that specific aspect. However, as a capability to respond to unexpected situations, the robustness of ML should be comprehensively built and maintained in every stage. In this paper, we aim to link the varying efforts throughout the whole ML workflow to guide the design of ML-based NIDSs with systematic robustness. Toward this goal, we conduct a methodical evaluation of the progress made thus far in enhancing the robustness of the targeted NIDS application task. Specifically, we delve into the robustness aspects of ML-based NIDSs against adversarial attacks and distribution shift scenarios. For each perspective, we organize the literature in robustness-related challenges and technical solutions based on the ML workflow. For instance, we introduce some advanced potential solutions that can improve robustness, such as data augmentation, contrastive learning, and robustness certification. According to our survey, we identify and discuss the ML robustness research gaps and future direction in the field of NIDS. Finally, we highlight that building and patching robustness throughout the life cycle of an ML-based NIDS is critical.

show abstract

Section: Distribution Shift Challenges and Responsementioning

confidence: 99%

On the Robustness of ML-Based Network Intrusion Detection Systems: An Adversarial and Distribution Shift Perspective

Wang,

Yang,

Gunasinghe

et al. 2023

Computers

View full text Add to dashboard Cite

show abstract

A Self-supervised Adversarial Learning Approach for Network Intrusion Detection System

Deng

Zhao

Bao

2022

Communications in Computer and Information Science

View full text Add to dashboard Cite

The network intrusion detection system (NIDS) plays an essential role in network security. Although many data-driven approaches from the field of machine learning have been proposed to increase the efficacy of NIDSs, it still suffers from extreme data imbalance and the performance of existing algorithms depends highly on training datasets. To counterpart the class-imbalanced problem in network intrusion detection, it is necessary for models to capture more representative clues within same categories instead of learning from only classification loss. In this paper, we proposed a self-supervised adversarial learning approach for intrusion detection, which utilize instance-level discrimination for better representation learning and employs a adversarial perturbation styled data augmentation to improve the robustness of NIDS on rarely seen attacking types. State-of-the-art result was achieved on multiple frequently-used datasets and experiment conducted on cross-dataset setting demonstrated good generalization ability.

show abstract

An Android Malware Detection and Classification Approach Based on Contrastive Lerning

Yang

Wang²,

Xu³

et al. 2022

Computers & Security

View full text Add to dashboard Cite

ConFlow: Contrast Network Flow Improving Class-Imbalanced Learning in Network Intrusion Detection

Cited by 3 publications

References 32 publications

On the Robustness of ML-Based Network Intrusion Detection Systems: An Adversarial and Distribution Shift Perspective

On the Robustness of ML-Based Network Intrusion Detection Systems: An Adversarial and Distribution Shift Perspective

A Self-supervised Adversarial Learning Approach for Network Intrusion Detection System

An Android Malware Detection and Classification Approach Based on Contrastive Lerning

Contact Info

Product

Resources

About