3D-IDS: Doubly Disentangled Dynamic Intrusion Detection
- URL: http://arxiv.org/abs/2307.11079v1
- Date: Sun, 2 Jul 2023 00:26:26 GMT
- Title: 3D-IDS: Doubly Disentangled Dynamic Intrusion Detection
- Authors: Chenyang Qiu, Yingsheng Geng, Junrui Lu, Kaida Chen, Shitong Zhu, Ya
Su, Guoshun Nan, Can Zhang, Junsong Fu, Qimei Cui, Xiaofeng Tao
- Abstract summary: Network-based intrusion detection system (NIDS) monitors network traffic for malicious activities.
Existing methods perform inconsistently in declaring various unknown attacks or detecting diverse known attacks.
We propose 3D-IDS, a novel method that aims to tackle the above issues through two-step feature disentanglements and a dynamic graph diffusion scheme.
- Score: 24.293504468229678
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Network-based intrusion detection system (NIDS) monitors network traffic for
malicious activities, forming the frontline defense against increasing attacks
over information infrastructures. Although promising, our quantitative analysis
shows that existing methods perform inconsistently in declaring various unknown
attacks (e.g., 9% and 35% F1 respectively for two distinct unknown threats for
an SVM-based method) or detecting diverse known attacks (e.g., 31% F1 for the
Backdoor and 93% F1 for DDoS by a GCN-based state-of-the-art method), and
reveals that the underlying cause is entangled distributions of flow features.
This motivates us to propose 3D-IDS, a novel method that aims to tackle the
above issues through two-step feature disentanglements and a dynamic graph
diffusion scheme. Specifically, we first disentangle traffic features by a
non-parameterized optimization based on mutual information, automatically
differentiating tens and hundreds of complex features of various attacks. Such
differentiated features will be fed into a memory model to generate
representations, which are further disentangled to highlight the
attack-specific features. Finally, we use a novel graph diffusion method that
dynamically fuses the network topology for spatial-temporal aggregation in
evolving data streams. By doing so, we can effectively identify various attacks
in encrypted traffics, including unknown threats and known ones that are not
easily detected. Experiments show the superiority of our 3D-IDS. We also
demonstrate that our two-step feature disentanglements benefit the
explainability of NIDS.
Related papers
- CND-IDS: Continual Novelty Detection for Intrusion Detection Systems [7.196884299359838]
Intrusion detection systems (IDS) play a crucial role in IoT and network security by monitoring system data and alerting to suspicious activities.
Machine learning (ML) has emerged as a promising solution for IDS, offering highly accurate intrusion detection.
We propose CND-IDS, a continual novelty detection IDS framework which consists of (i) a learning-based feature extractor that continuously updates new feature representations of the system data, and (ii) a novelty detector that identifies new cyber attacks by leveraging principal component analysis (PCA) reconstruction.
arXiv Detail & Related papers (2025-02-19T20:47:22Z) - Attention Tracker: Detecting Prompt Injection Attacks in LLMs [62.247841717696765]
Large Language Models (LLMs) have revolutionized various domains but remain vulnerable to prompt injection attacks.
We introduce the concept of the distraction effect, where specific attention heads shift focus from the original instruction to the injected instruction.
We propose Attention Tracker, a training-free detection method that tracks attention patterns on instruction to detect prompt injection attacks.
arXiv Detail & Related papers (2024-11-01T04:05:59Z) - Coarse-to-Fine Proposal Refinement Framework for Audio Temporal Forgery Detection and Localization [60.899082019130766]
We introduce a frame-level detection network (FDN) and a proposal refinement network (PRN) for audio temporal forgery detection and localization.
FDN aims to mine informative inconsistency cues between real and fake frames to obtain discriminative features that are beneficial for roughly indicating forgery regions.
PRN is responsible for predicting confidence scores and regression offsets to refine the coarse-grained proposals derived from the FDN.
arXiv Detail & Related papers (2024-07-23T15:07:52Z) - Detection-Rate-Emphasized Multi-objective Evolutionary Feature Selection for Network Intrusion Detection [21.104686670216445]
We propose DR-MOFS to model the feature selection problem in network intrusion detection as a three-objective optimization problem.
In most cases, the proposed method can outperform previous methods, i.e., lead to fewer features, higher accuracy and detection rate.
arXiv Detail & Related papers (2024-06-13T14:42:17Z) - Learning diverse attacks on large language models for robust red-teaming and safety tuning [126.32539952157083]
Red-teaming, or identifying prompts that elicit harmful responses, is a critical step in ensuring the safe deployment of large language models.
We show that even with explicit regularization to favor novelty and diversity, existing approaches suffer from mode collapse or fail to generate effective attacks.
We propose to use GFlowNet fine-tuning, followed by a secondary smoothing phase, to train the attacker model to generate diverse and effective attack prompts.
arXiv Detail & Related papers (2024-05-28T19:16:17Z) - An incremental hybrid adaptive network-based IDS in Software Defined Networks to detect stealth attacks [0.0]
Advanced Persistent Threats (APTs) are a type of attack that implement a wide range of strategies to evade detection.
Machine Learning (ML) techniques in Intrusion Detection Systems (IDSs) is widely used to detect such attacks but has a challenge when the data distribution changes.
An incremental hybrid adaptive Network Intrusion Detection System (NIDS) is proposed to tackle the issue of concept drift in SDN.
arXiv Detail & Related papers (2024-04-01T13:33:40Z) - Exploring Highly Quantised Neural Networks for Intrusion Detection in
Automotive CAN [13.581341206178525]
Machine learning-based intrusion detection models have been shown to successfully detect multiple targeted attack vectors.
In this paper, we present a case for custom-quantised literature (CQMLP) as a multi-class classification model.
We show that the 2-bit CQMLP model, when integrated as the IDS, can detect malicious attack messages with a very high accuracy of 99.9%.
arXiv Detail & Related papers (2024-01-19T21:11:02Z) - TAD: Transfer Learning-based Multi-Adversarial Detection of Evasion
Attacks against Network Intrusion Detection Systems [0.7829352305480285]
We implement existing state-of-the-art models for intrusion detection.
We then attack those models with a set of chosen evasion attacks.
In an attempt to detect those adversarial attacks, we design and implement multiple transfer learning-based adversarial detectors.
arXiv Detail & Related papers (2022-10-27T18:02:58Z) - PSNet: Parallel Symmetric Network for Video Salient Object Detection [85.94443548452729]
We propose a VSOD network with up and down parallel symmetry, named PSNet.
Two parallel branches with different dominant modalities are set to achieve complete video saliency decoding.
arXiv Detail & Related papers (2022-10-12T04:11:48Z) - Downlink Power Allocation in Massive MIMO via Deep Learning: Adversarial
Attacks and Training [62.77129284830945]
This paper considers a regression problem in a wireless setting and shows that adversarial attacks can break the DL-based approach.
We also analyze the effectiveness of adversarial training as a defensive technique in adversarial settings and show that the robustness of DL-based wireless system against attacks improves significantly.
arXiv Detail & Related papers (2022-06-14T04:55:11Z) - Adversarial Attacks on Deep Learning Based Power Allocation in a Massive
MIMO Network [62.77129284830945]
We show that adversarial attacks can break DL-based power allocation in the downlink of a massive multiple-input-multiple-output (maMIMO) network.
We benchmark the performance of these attacks and show that with a small perturbation in the input of the neural network (NN), the white-box attacks can result in infeasible solutions up to 86%.
arXiv Detail & Related papers (2021-01-28T16:18:19Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.