Intrusion detection System (IDS) is an evolving research area in cyber security, which aims to detect cyber-intrusions. Machine Learning, especially deep learning classifiers, offers promising solutions for signature-based intrusion detection provided there are abundant labeled examples. However, effectiveness of deep learning is hindered for zero-day attack detection due to lack of labelled examples; anomaly-based detection approaches often result in high FPR. Transfer Learning (TL) offers methodologies for building classifiers in a target domain containing minimal or no labelled data, leveraging the knowledge extracted from related source domain(s). When applied to zero-day attack detection, Transfer Learning models known attack data as source domain and descriptions of zero-day attacks as target domain with possible differences either in the feature space or in the proportions of attack to normal instances or both. The authors built a TL-based prototype using NSL-KDD dataset for experimentation on unification of feature space for detecting unlabeled R2L samples representing zero-day attacks from normal instances using labelled DoS samples. The proposed TL based classifier achieved 89.79% accuracy and 0.15% FPR which is higher than the state-of-the-art methods.
CITATION STYLE
Sameera, N., & Shashi, M. (2019). Transfer learning based prototype for zero-day attack detection. International Journal of Engineering and Advanced Technology, 8(4), 1326–1329.
Mendeley helps you to discover research relevant for your work.