Learning in Multiple Spaces: Few-Shot Network Attack Detection with Metric-Fused Prototypical Networks

• URL: http://arxiv.org/abs/2501.00050v1
• Date: Sat, 28 Dec 2024 00:09:46 GMT
• Title: Learning in Multiple Spaces: Few-Shot Network Attack Detection with Metric-Fused Prototypical Networks
• Authors: Fernando Martinez-Lopez, Lesther Santana, Mohamed Rahouti,
• Abstract summary: We propose a novel Multi-Space Prototypical Learning framework tailored for few-shot attack detection. By leveraging Polyak-averaged prototype generation, the framework stabilizes the learning process and effectively adapts to rare and zero-day attacks. Experimental results on benchmark datasets demonstrate that MSPL outperforms traditional approaches in detecting low-profile and novel attack types.
• Score: 47.18575262588692
• License:
• Abstract: Network intrusion detection systems face significant challenges in identifying emerging attack patterns, especially when limited data samples are available. To address this, we propose a novel Multi-Space Prototypical Learning (MSPL) framework tailored for few-shot attack detection. The framework operates across multiple metric spaces-Euclidean, Cosine, Chebyshev, and Wasserstein distances-integrated through a constrained weighting scheme to enhance embedding robustness and improve pattern recognition. By leveraging Polyak-averaged prototype generation, the framework stabilizes the learning process and effectively adapts to rare and zero-day attacks. Additionally, an episodic training paradigm ensures balanced representation across diverse attack classes, enabling robust generalization. Experimental results on benchmark datasets demonstrate that MSPL outperforms traditional approaches in detecting low-profile and novel attack types, establishing it as a robust solution for zero-day attack detection.

Related papers

• Few Edges Are Enough: Few-Shot Network Attack Detection with Graph Neural Networks [0.0]
  This paper introduces Few Edges Are Enough (FEAE) to better distinguish between false positive anomalies and actual attacks. FEAE achieves competitive performance on two well-known network datasets.
  arXiv  Detail & Related papers  (2025-01-28T14:07:52Z)
• Learning to Learn Transferable Generative Attack for Person Re-Identification [17.26567195924685]
  Existing attacks merely consider cross-dataset and cross-model transferability, ignoring the cross-test capability to perturb models trained in different domains. To powerfully examine the robustness of real-world re-id models, the Meta Transferable Generative Attack (MTGA) method is proposed. Our MTGA outperforms the SOTA methods by 21.5% and 11.3% on mean mAP drop rate, respectively.
  arXiv  Detail & Related papers  (2024-09-06T11:57:17Z)
• Open-Set Deepfake Detection: A Parameter-Efficient Adaptation Method with Forgery Style Mixture [58.60915132222421]
  We introduce an approach that is both general and parameter-efficient for face forgery detection. We design a forgery-style mixture formulation that augments the diversity of forgery source domains. We show that the designed model achieves state-of-the-art generalizability with significantly reduced trainable parameters.
  arXiv  Detail & Related papers  (2024-08-23T01:53:36Z)
• Multi-agent Reinforcement Learning-based Network Intrusion Detection System [3.4636217357968904]
  Intrusion Detection Systems (IDS) play a crucial role in ensuring the security of computer networks. We propose a novel multi-agent reinforcement learning (RL) architecture, enabling automatic, efficient, and robust network intrusion detection. Our solution introduces a resilient architecture designed to accommodate the addition of new attacks and effectively adapt to changes in existing attack patterns.
  arXiv  Detail & Related papers  (2024-07-08T09:18:59Z)
• usfAD Based Effective Unknown Attack Detection Focused IDS Framework [3.560574387648533]
  Internet of Things (IoT) and Industrial Internet of Things (IIoT) have led to an increasing range of cyber threats. For more than a decade, researchers have delved into supervised machine learning techniques to develop Intrusion Detection System (IDS) IDS trained and tested on known datasets fails in detecting zero-day or unknown attacks. We propose two strategies for semi-supervised learning based IDS where training samples of attacks are not required.
  arXiv  Detail & Related papers  (2024-03-17T11:49:57Z)
• Improving robustness of jet tagging algorithms with adversarial training [56.79800815519762]
  We investigate the vulnerability of flavor tagging algorithms via application of adversarial attacks. We present an adversarial training strategy that mitigates the impact of such simulated attacks.
  arXiv  Detail & Related papers  (2022-03-25T19:57:19Z)
• CC-Cert: A Probabilistic Approach to Certify General Robustness of Neural Networks [58.29502185344086]
  In safety-critical machine learning applications, it is crucial to defend models against adversarial attacks. It is important to provide provable guarantees for deep learning models against semantically meaningful input transformations. We propose a new universal probabilistic certification approach based on Chernoff-Cramer bounds.
  arXiv  Detail & Related papers  (2021-09-22T12:46:04Z)
• Learning and Certification under Instance-targeted Poisoning [49.55596073963654]
  We study PAC learnability and certification under instance-targeted poisoning attacks. We show that when the budget of the adversary scales sublinearly with the sample complexity, PAC learnability and certification are achievable. We empirically study the robustness of K nearest neighbour, logistic regression, multi-layer perceptron, and convolutional neural network on real data sets.
  arXiv  Detail & Related papers  (2021-05-18T17:48:15Z)
• A Hamiltonian Monte Carlo Method for Probabilistic Adversarial Attack and Learning [122.49765136434353]
  We present an effective method, called Hamiltonian Monte Carlo with Accumulated Momentum (HMCAM), aiming to generate a sequence of adversarial examples. We also propose a new generative method called Contrastive Adversarial Training (CAT), which approaches equilibrium distribution of adversarial examples. Both quantitative and qualitative analysis on several natural image datasets and practical systems have confirmed the superiority of the proposed algorithm.
  arXiv  Detail & Related papers  (2020-10-15T16:07:26Z)
• Unseen Face Presentation Attack Detection Using Class-Specific Sparse One-Class Multiple Kernel Fusion Regression [15.000818334408802]
  The paper addresses face presentation attack detection in the challenging conditions of an unseen attack scenario. A pure one-class face presentation attack detection approach based on kernel regression is developed.
  arXiv  Detail & Related papers  (2019-12-31T11:53:20Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.