netFound: Foundation Model for Network Security
- URL: http://arxiv.org/abs/2310.17025v2
- Date: Tue, 28 Nov 2023 01:44:32 GMT
- Title: netFound: Foundation Model for Network Security
- Authors: Satyandra Guthula, Navya Battula, Roman Beltiukov, Wenbo Guo, Arpit
Gupta
- Abstract summary: We develop netFound, a foundational model for network security.
Our experiments demonstrate netFound's superiority over existing state-of-the-art ML-based solutions.
- Score: 12.062547301932966
- License: http://creativecommons.org/licenses/by-sa/4.0/
- Abstract: In ML for network security, traditional workflows rely on high-quality
labeled data and manual feature engineering, but limited datasets and human
expertise hinder feature selection, leading to models struggling to capture
crucial relationships and generalize effectively. Inspired by recent
advancements in ML application domains like GPT-4 and Vision Transformers, we
have developed netFound, a foundational model for network security. This model
undergoes pre-training using self-supervised algorithms applied to readily
available unlabeled network packet traces. netFound's design incorporates
hierarchical and multi-modal attributes of network traffic, effectively
capturing hidden networking contexts, including application logic,
communication protocols, and network conditions.
With this pre-trained foundation in place, we can fine-tune netFound for a
wide array of downstream tasks, even when dealing with low-quality, limited,
and noisy labeled data. Our experiments demonstrate netFound's superiority over
existing state-of-the-art ML-based solutions across three distinct network
downstream tasks: traffic classification, network intrusion detection, and APT
detection. Furthermore, we emphasize netFound's robustness against noisy and
missing labels, as well as its ability to generalize across temporal variations
and diverse network environments. Finally, through a series of ablation
studies, we provide comprehensive insights into how our design choices enable
netFound to more effectively capture hidden networking contexts, further
solidifying its performance and utility in network security applications.
Related papers
- Lens: A Foundation Model for Network Traffic in Cybersecurity [18.372089452482133]
Lens is a foundation model for network traffic that leverages the T5 architecture to learn the pre-trained representations from large-scale unlabeled data.
We design a novel loss that combines three distinct tasks: Masked Span Prediction (MSP), Packet Order Prediction (POP), and Homologous Traffic Prediction (HTP)
arXiv Detail & Related papers (2024-02-06T02:45:13Z) - Fault Detection in Telecom Networks using Bi-level Federated Graph
Neural Networks [0.0]
The complexity and diversity of Telecom networks place an increasing strain on maintenance and operation efforts.
Strict security and privacy requirements present a challenge for mobile operators to leverage network data.
We propose a Bi-level Federated Graph Neural Network anomaly detection and diagnosis model.
arXiv Detail & Related papers (2023-11-24T13:23:54Z) - Towards Intelligent Network Management: Leveraging AI for Network
Service Detection [0.0]
This study focuses on leveraging Machine Learning methodologies to create an advanced network traffic classification system.
We introduce a novel data-driven approach that excels in identifying various network service types in real-time.
Our system demonstrates a remarkable accuracy in distinguishing the network services.
arXiv Detail & Related papers (2023-10-14T16:06:11Z) - NetGPT: Generative Pretrained Transformer for Network Traffic [4.205009931131087]
Pretrained models for network traffic can utilize large-scale raw data to learn the essential characteristics of network traffic.
In this paper, we make the first attempt to provide a generative pretrained model NetGPT for both traffic understanding and generation tasks.
arXiv Detail & Related papers (2023-04-19T09:04:30Z) - Leveraging a Probabilistic PCA Model to Understand the Multivariate
Statistical Network Monitoring Framework for Network Security Anomaly
Detection [64.1680666036655]
We revisit anomaly detection techniques based on PCA from a probabilistic generative model point of view.
We have evaluated the mathematical model using two different datasets.
arXiv Detail & Related papers (2023-02-02T13:41:18Z) - Federated Deep Learning Meets Autonomous Vehicle Perception: Design and
Verification [168.67190934250868]
Federated learning empowered connected autonomous vehicle (FLCAV) has been proposed.
FLCAV preserves privacy while reducing communication and annotation costs.
It is challenging to determine the network resources and road sensor poses for multi-stage training.
arXiv Detail & Related papers (2022-06-03T23:55:45Z) - A Lightweight, Efficient and Explainable-by-Design Convolutional Neural
Network for Internet Traffic Classification [9.365794791156972]
This paper introduces a new Lightweight, Efficient and eXplainable-by-design convolutional neural network (LEXNet) for Internet traffic classification.
LEXNet relies on a new residual block (for lightweight and efficiency purposes) and prototype layer (for explainability)
Based on a commercial-grade dataset, our evaluation shows that LEXNet succeeds to maintain the same accuracy as the best performing state-of-the-art neural network.
arXiv Detail & Related papers (2022-02-11T10:21:34Z) - Unsupervised Domain-adaptive Hash for Networks [81.49184987430333]
Domain-adaptive hash learning has enjoyed considerable success in the computer vision community.
We develop an unsupervised domain-adaptive hash learning method for networks, dubbed UDAH.
arXiv Detail & Related papers (2021-08-20T12:09:38Z) - Semi-supervised Network Embedding with Differentiable Deep Quantisation [81.49184987430333]
We develop d-SNEQ, a differentiable quantisation method for network embedding.
d-SNEQ incorporates a rank loss to equip the learned quantisation codes with rich high-order information.
It is able to substantially compress the size of trained embeddings, thus reducing storage footprint and accelerating retrieval speed.
arXiv Detail & Related papers (2021-08-20T11:53:05Z) - Anomaly Detection on Attributed Networks via Contrastive Self-Supervised
Learning [50.24174211654775]
We present a novel contrastive self-supervised learning framework for anomaly detection on attributed networks.
Our framework fully exploits the local information from network data by sampling a novel type of contrastive instance pair.
A graph neural network-based contrastive learning model is proposed to learn informative embedding from high-dimensional attributes and local structure.
arXiv Detail & Related papers (2021-02-27T03:17:20Z) - Deep Learning for Ultra-Reliable and Low-Latency Communications in 6G
Networks [84.2155885234293]
We first summarize how to apply data-driven supervised deep learning and deep reinforcement learning in URLLC.
To address these open problems, we develop a multi-level architecture that enables device intelligence, edge intelligence, and cloud intelligence for URLLC.
arXiv Detail & Related papers (2020-02-22T14:38:11Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.