Network Intrusion Detection Model Based on Improved BYOL Self-Supervised Learning

The combination of deep learning and intrusion detection has become a hot topic in today’s network security. In the face of massive, high-dimensional network traffic with uneven sample distribution, how to be able to accurately detect anomalous traffic is the primary task of intrusion detection. Mos...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autores principales: Zhendong Wang, Zeyu Li, Junling Wang, Dahai Li
Formato: article
Lenguaje:EN
Publicado: Hindawi-Wiley 2021
Materias:
Acceso en línea:https://doaj.org/article/610f37725d81425fa9970e803e066cec
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
id oai:doaj.org-article:610f37725d81425fa9970e803e066cec
record_format dspace
spelling oai:doaj.org-article:610f37725d81425fa9970e803e066cec2021-11-08T02:35:37ZNetwork Intrusion Detection Model Based on Improved BYOL Self-Supervised Learning1939-012210.1155/2021/9486949https://doaj.org/article/610f37725d81425fa9970e803e066cec2021-01-01T00:00:00Zhttp://dx.doi.org/10.1155/2021/9486949https://doaj.org/toc/1939-0122The combination of deep learning and intrusion detection has become a hot topic in today’s network security. In the face of massive, high-dimensional network traffic with uneven sample distribution, how to be able to accurately detect anomalous traffic is the primary task of intrusion detection. Most research on intrusion detection systems based on network anomalous traffic detection has focused on supervised learning; however, the process of obtaining labeled data often requires a lot of time and effort, as well as the support of network experts. Therefore, it is worthwhile investigating the development of label-free self-supervised learning-based approaches called BYOL which is a simple and elegant framework with sufficiently powerful feature extraction capabilities for intrusion detection systems. In this paper, we propose a new data augmentation strategy for intrusion detection data and an intrusion detection model based on label-free self-supervised learning, using a new data augmentation strategy to introduce a perturbation enhancement model to learn invariant feature representation capability and an improved BYOL self-supervised learning method to train the UNSW-NB15 intrusion detection dataset without labels to extract network traffic feature representations. Linear evaluation on UNSW-NB15 and transfer learning on NSK-KDD, KDD CUP99, CIC IDS2017, and CIDDS_001 achieve excellent performance in all metrics.Zhendong WangZeyu LiJunling WangDahai LiHindawi-WileyarticleTechnology (General)T1-995Science (General)Q1-390ENSecurity and Communication Networks, Vol 2021 (2021)
institution DOAJ
collection DOAJ
language EN
topic Technology (General)
T1-995
Science (General)
Q1-390
spellingShingle Technology (General)
T1-995
Science (General)
Q1-390
Zhendong Wang
Zeyu Li
Junling Wang
Dahai Li
Network Intrusion Detection Model Based on Improved BYOL Self-Supervised Learning
description The combination of deep learning and intrusion detection has become a hot topic in today’s network security. In the face of massive, high-dimensional network traffic with uneven sample distribution, how to be able to accurately detect anomalous traffic is the primary task of intrusion detection. Most research on intrusion detection systems based on network anomalous traffic detection has focused on supervised learning; however, the process of obtaining labeled data often requires a lot of time and effort, as well as the support of network experts. Therefore, it is worthwhile investigating the development of label-free self-supervised learning-based approaches called BYOL which is a simple and elegant framework with sufficiently powerful feature extraction capabilities for intrusion detection systems. In this paper, we propose a new data augmentation strategy for intrusion detection data and an intrusion detection model based on label-free self-supervised learning, using a new data augmentation strategy to introduce a perturbation enhancement model to learn invariant feature representation capability and an improved BYOL self-supervised learning method to train the UNSW-NB15 intrusion detection dataset without labels to extract network traffic feature representations. Linear evaluation on UNSW-NB15 and transfer learning on NSK-KDD, KDD CUP99, CIC IDS2017, and CIDDS_001 achieve excellent performance in all metrics.
format article
author Zhendong Wang
Zeyu Li
Junling Wang
Dahai Li
author_facet Zhendong Wang
Zeyu Li
Junling Wang
Dahai Li
author_sort Zhendong Wang
title Network Intrusion Detection Model Based on Improved BYOL Self-Supervised Learning
title_short Network Intrusion Detection Model Based on Improved BYOL Self-Supervised Learning
title_full Network Intrusion Detection Model Based on Improved BYOL Self-Supervised Learning
title_fullStr Network Intrusion Detection Model Based on Improved BYOL Self-Supervised Learning
title_full_unstemmed Network Intrusion Detection Model Based on Improved BYOL Self-Supervised Learning
title_sort network intrusion detection model based on improved byol self-supervised learning
publisher Hindawi-Wiley
publishDate 2021
url https://doaj.org/article/610f37725d81425fa9970e803e066cec
work_keys_str_mv AT zhendongwang networkintrusiondetectionmodelbasedonimprovedbyolselfsupervisedlearning
AT zeyuli networkintrusiondetectionmodelbasedonimprovedbyolselfsupervisedlearning
AT junlingwang networkintrusiondetectionmodelbasedonimprovedbyolselfsupervisedlearning
AT dahaili networkintrusiondetectionmodelbasedonimprovedbyolselfsupervisedlearning
_version_ 1718443189939994624