Abstract |
Recent work has shown that deep learning (DL) techniques are highly effective for assisting network intrusion detection systems (NIDS) in identifying malicious attacks on networks. Training DL classification models, however, requires vast amounts of labeled data which is often expensive and time-consuming to collect. Also, DL models trained using data from one type of network may not be able to identify attacks on other types of network or identify new families of attacks discovered over time. In this paper, we propose and evaluate the use of adversarial domain adaptation to address the problem of scarcity of labeled training data in a dataset by transferring knowledge gained from an existing network intrusion detection (NID) dataset. Our approach works for scenarios where the source and target datasets have same or different feature spaces. We demonstrate that our proposed approach can create highly accurate DL classification models even when the number of labeled samples in the target dataset is significantly small. |