Transfer Learning Based Prototype for Zero-Day Attack Detection
Nerella Sameera¹, M. Shashi²

¹ Nerella Sameera, Department of Computer Science & Systems Engineering, Andhra University College of Engineering, Andhra University, Visakhapatnam (A.P), India.
² M. Shashi, Department of Computer Science & Systems Engineering, Andhra University College of Engineering, Andhra University, Visakhapatnam (A.P), India.

Manuscript received on 18 April 2019 | Revised Manuscript received on 25 April 2019 | Manuscript published on 30 April 2019 | PP: 1326-1328 | Volume-8 Issue-4, April 2019 | Retrieval Number: D6546048419/19©BEIESP
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: Intrusion Detection System (IDS) is an evolving research area in cyber security that aims to detect cyber-intrusions. Machine learning, especially deep learning classifiers, offers promising solutions for signature-based intrusion detection, provided there are abundant labelled examples. However, the effectiveness of deep learning is hindered for zero-day attack detection by the lack of labelled examples, and anomaly-based detection approaches often result in a high false positive rate (FPR). Transfer Learning (TL) offers methodologies for building classifiers in a target domain containing minimal or no labelled data by leveraging the knowledge extracted from related source domain(s). When applied to zero-day attack detection, Transfer Learning models known attack data as the source domain and descriptions of zero-day attacks as the target domain, with possible differences in the feature space, in the proportions of attack to normal instances, or both. The authors built a TL-based prototype using the NSL-KDD dataset to experiment with unifying the feature space in order to distinguish unlabelled R2L samples, which represent zero-day attacks, from normal instances using labelled DoS samples. The proposed TL-based classifier achieved 89.79% accuracy and 0.15% FPR which is higher than the state-of-the-art methods.
Keywords: Intrusion, Source Domain, Target Domain, Transfer Learning, Transformation, Zero-day attack

Scope of the Article: Deep Learning