Preparing Network Intrusion Detection Deep Learning Models with Minimal Data Using Adversarial Domain Adaptation

Abstract Recent work has shown that deep learning (DL) techniques are highly effective for assisting network intrusion detection systems (NIDS) in identifying malicious attacks on networks. Training DL classification models, however, requires vast amounts of labeled data which is often expensive and time-consuming to collect. Also, DL models trained using data from one type of network may not be able to identify attacks on other types of network or identify new families of attacks discovered over time. In this paper, we propose and evaluate the use of adversarial domain adaptation to address the problem of scarcity of labeled training data in a dataset by transferring knowledge gained from an existing network intrusion detection (NID) dataset. Our approach works for scenarios where the source and target datasets have same or different feature spaces. We demonstrate that our proposed approach can create highly accurate DL classification models even when the number of labeled samples in the target dataset is significantly small.
Authors
  • Ankush Singla (Purdue)
  • Elisa Bertino (Purdue)
  • Dinesh Verma (IBM US)
Date Oct-2020
Venue ASIA CCS 2020 [link]