EMTD-SSC: An Enhanced Malicious Traffic Detection Model Using Transfer Learning Under Small Sample Conditions in IoT

In the Internet of Things (IoT) scenario, the device diversity and data sparsity present a significant challenge for malicious traffic detection, notably the "small sample problem" where insufficient data hampers the performance of the deep learning methods that depend on large volumes of...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	IEEE internet of things journal 2024-10, Vol.11 (19), p.30725-30741
Hauptverfasser:	Ge, Yueqin, Gao, Yali, Li, Xiaoyong, Cai, Binsi, Xi, Jinwen, Yu, Shui
Format:	Artikel
Sprache:	eng
Schlagworte:	Adaptation models Anomalies Computational modeling Data models Datasets Deep learning Domain adaptation Effectiveness Information transfer Internet of Things Intrusion detection Intrusion detection systems Knowledge management Labels Machine learning malicious traffic detection Multilayers residual convolutional autoencoder (RCAE) small sample Target detection Transfer learning transfer learning (TL)
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	30741
container_issue	19
container_start_page	30725
container_title	IEEE internet of things journal
container_volume	11
creator	Ge, Yueqin Gao, Yali Li, Xiaoyong Cai, Binsi Xi, Jinwen Yu, Shui
description	In the Internet of Things (IoT) scenario, the device diversity and data sparsity present a significant challenge for malicious traffic detection, notably the "small sample problem" where insufficient data hampers the performance of the deep learning methods that depend on large volumes of labeled data for training. Transfer learning (TL) has the capability to transfer knowledge from a label-rich but heterogeneous domain to a label-sparse domain, making it a powerful tool for addressing challenges in IoT malicious traffic detection. To address these challenges, we introduce the EMTD-SSC model, a novel enhanced malicious traffic detection model that leverages TL under small sample conditions in IoT environments. Initially, our approach includes a comprehensive labeled data set that merges a small-scale IoT intrusion detection domain with the traditional intrusion detection domain to enrich semantic information transfer from the source to target domains. The EMTD-SSC model employs dual residual convolutional autoencoders for robust feature extraction and transfer, incorporating skip connections to expedite the model convergence and minimize information loss. Furthermore, to optimize transfer efficiency, we minimize the multilayer multi kernel maximum mean discrepancy (MLMK-MMD) across corresponding network layers, facilitating effective domain adaptation. Through unsupervised training and subsequent fine tuning on the target domain data, the model significantly enhances anomaly detection capabilities. Extensive experiments on the two well-known public data sets demonstrate that the EMTD-SSC model's effectiveness, achieving an impressive 94.8% accuracy in the binary classification tasks.
doi_str_mv	10.1109/JIOT.2024.3413580
format	Article
fullrecord	<record><control><sourceid>proquest_RIE</sourceid><recordid>TN_cdi_ieee_primary_10555423</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>10555423</ieee_id><sourcerecordid>3110462864</sourcerecordid><originalsourceid>FETCH-LOGICAL-c176t-3b435efca6f941803846459c321312bfcdbb682bce6cc02bc73fb91f0764d0783</originalsourceid><addsrcrecordid>eNpNkDtPwzAUhS0EElXpD0BisMSc4lechK0KBYpadUg6W45jg6vULnY68O9J1A6dzn2cc6_0AfCI0RxjVLx8rbb1nCDC5pRhmuboBkwIJVnCOCe3V_U9mMW4RwgNsRQXfAL65aZ-S6qqfIULB5fuRzqlW7iRnVXWnyKsgzTGKvime6166x3c-FZ3cBet-x63Lhod4FrL4MbJzrVDWx1k18FKHo6dhqV3rR2jEVoHV75-AHdGdlHPLjoFu_dlXX4m6-3HqlysE4Uz3ie0YTTVRkluCoZzRHPGWVooSjDFpDGqbRqek0ZprhQaNKOmKbBBGWctynI6Bc_nu8fgf0869mLvT8ENLwUdCDBOcs4GFz67VPAxBm3EMdiDDH8CIzHyFSNfMfIVF75D5umcsVrrK3-apoxQ-g91oXVL</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>3110462864</pqid></control><display><type>article</type><title>EMTD-SSC: An Enhanced Malicious Traffic Detection Model Using Transfer Learning Under Small Sample Conditions in IoT</title><source>IEEE Electronic Library (IEL)</source><creator>Ge, Yueqin ; Gao, Yali ; Li, Xiaoyong ; Cai, Binsi ; Xi, Jinwen ; Yu, Shui</creator><creatorcontrib>Ge, Yueqin ; Gao, Yali ; Li, Xiaoyong ; Cai, Binsi ; Xi, Jinwen ; Yu, Shui</creatorcontrib><description>In the Internet of Things (IoT) scenario, the device diversity and data sparsity present a significant challenge for malicious traffic detection, notably the "small sample problem" where insufficient data hampers the performance of the deep learning methods that depend on large volumes of labeled data for training. Transfer learning (TL) has the capability to transfer knowledge from a label-rich but heterogeneous domain to a label-sparse domain, making it a powerful tool for addressing challenges in IoT malicious traffic detection. To address these challenges, we introduce the EMTD-SSC model, a novel enhanced malicious traffic detection model that leverages TL under small sample conditions in IoT environments. Initially, our approach includes a comprehensive labeled data set that merges a small-scale IoT intrusion detection domain with the traditional intrusion detection domain to enrich semantic information transfer from the source to target domains. The EMTD-SSC model employs dual residual convolutional autoencoders for robust feature extraction and transfer, incorporating skip connections to expedite the model convergence and minimize information loss. Furthermore, to optimize transfer efficiency, we minimize the multilayer multi kernel maximum mean discrepancy (MLMK-MMD) across corresponding network layers, facilitating effective domain adaptation. Through unsupervised training and subsequent fine tuning on the target domain data, the model significantly enhances anomaly detection capabilities. Extensive experiments on the two well-known public data sets demonstrate that the EMTD-SSC model's effectiveness, achieving an impressive 94.8% accuracy in the binary classification tasks.</description><identifier>ISSN: 2327-4662</identifier><identifier>EISSN: 2327-4662</identifier><identifier>DOI: 10.1109/JIOT.2024.3413580</identifier><identifier>CODEN: IITJAU</identifier><language>eng</language><publisher>Piscataway: IEEE</publisher><subject>Adaptation models ; Anomalies ; Computational modeling ; Data models ; Datasets ; Deep learning ; Domain adaptation ; Effectiveness ; Information transfer ; Internet of Things ; Intrusion detection ; Intrusion detection systems ; Knowledge management ; Labels ; Machine learning ; malicious traffic detection ; Multilayers ; residual convolutional autoencoder (RCAE) ; small sample ; Target detection ; Transfer learning ; transfer learning (TL)</subject><ispartof>IEEE internet of things journal, 2024-10, Vol.11 (19), p.30725-30741</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2024</rights><woscitedreferencessubscribed>false</woscitedreferencessubscribed><cites>FETCH-LOGICAL-c176t-3b435efca6f941803846459c321312bfcdbb682bce6cc02bc73fb91f0764d0783</cites><orcidid>0000-0003-0458-8481 ; 0000-0002-7504-3457 ; 0000-0001-8337-4232 ; 0000-0001-5597-9306 ; 0000-0003-4485-6743</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/10555423$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,780,784,796,27924,27925,54758</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/10555423$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Ge, Yueqin</creatorcontrib><creatorcontrib>Gao, Yali</creatorcontrib><creatorcontrib>Li, Xiaoyong</creatorcontrib><creatorcontrib>Cai, Binsi</creatorcontrib><creatorcontrib>Xi, Jinwen</creatorcontrib><creatorcontrib>Yu, Shui</creatorcontrib><title>EMTD-SSC: An Enhanced Malicious Traffic Detection Model Using Transfer Learning Under Small Sample Conditions in IoT</title><title>IEEE internet of things journal</title><addtitle>JIoT</addtitle><description>In the Internet of Things (IoT) scenario, the device diversity and data sparsity present a significant challenge for malicious traffic detection, notably the "small sample problem" where insufficient data hampers the performance of the deep learning methods that depend on large volumes of labeled data for training. Transfer learning (TL) has the capability to transfer knowledge from a label-rich but heterogeneous domain to a label-sparse domain, making it a powerful tool for addressing challenges in IoT malicious traffic detection. To address these challenges, we introduce the EMTD-SSC model, a novel enhanced malicious traffic detection model that leverages TL under small sample conditions in IoT environments. Initially, our approach includes a comprehensive labeled data set that merges a small-scale IoT intrusion detection domain with the traditional intrusion detection domain to enrich semantic information transfer from the source to target domains. The EMTD-SSC model employs dual residual convolutional autoencoders for robust feature extraction and transfer, incorporating skip connections to expedite the model convergence and minimize information loss. Furthermore, to optimize transfer efficiency, we minimize the multilayer multi kernel maximum mean discrepancy (MLMK-MMD) across corresponding network layers, facilitating effective domain adaptation. Through unsupervised training and subsequent fine tuning on the target domain data, the model significantly enhances anomaly detection capabilities. Extensive experiments on the two well-known public data sets demonstrate that the EMTD-SSC model's effectiveness, achieving an impressive 94.8% accuracy in the binary classification tasks.</description><subject>Adaptation models</subject><subject>Anomalies</subject><subject>Computational modeling</subject><subject>Data models</subject><subject>Datasets</subject><subject>Deep learning</subject><subject>Domain adaptation</subject><subject>Effectiveness</subject><subject>Information transfer</subject><subject>Internet of Things</subject><subject>Intrusion detection</subject><subject>Intrusion detection systems</subject><subject>Knowledge management</subject><subject>Labels</subject><subject>Machine learning</subject><subject>malicious traffic detection</subject><subject>Multilayers</subject><subject>residual convolutional autoencoder (RCAE)</subject><subject>small sample</subject><subject>Target detection</subject><subject>Transfer learning</subject><subject>transfer learning (TL)</subject><issn>2327-4662</issn><issn>2327-4662</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNpNkDtPwzAUhS0EElXpD0BisMSc4lechK0KBYpadUg6W45jg6vULnY68O9J1A6dzn2cc6_0AfCI0RxjVLx8rbb1nCDC5pRhmuboBkwIJVnCOCe3V_U9mMW4RwgNsRQXfAL65aZ-S6qqfIULB5fuRzqlW7iRnVXWnyKsgzTGKvime6166x3c-FZ3cBet-x63Lhod4FrL4MbJzrVDWx1k18FKHo6dhqV3rR2jEVoHV75-AHdGdlHPLjoFu_dlXX4m6-3HqlysE4Uz3ie0YTTVRkluCoZzRHPGWVooSjDFpDGqbRqek0ZprhQaNKOmKbBBGWctynI6Bc_nu8fgf0869mLvT8ENLwUdCDBOcs4GFz67VPAxBm3EMdiDDH8CIzHyFSNfMfIVF75D5umcsVrrK3-apoxQ-g91oXVL</recordid><startdate>20241001</startdate><enddate>20241001</enddate><creator>Ge, Yueqin</creator><creator>Gao, Yali</creator><creator>Li, Xiaoyong</creator><creator>Cai, Binsi</creator><creator>Xi, Jinwen</creator><creator>Yu, Shui</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0003-0458-8481</orcidid><orcidid>https://orcid.org/0000-0002-7504-3457</orcidid><orcidid>https://orcid.org/0000-0001-8337-4232</orcidid><orcidid>https://orcid.org/0000-0001-5597-9306</orcidid><orcidid>https://orcid.org/0000-0003-4485-6743</orcidid></search><sort><creationdate>20241001</creationdate><title>EMTD-SSC: An Enhanced Malicious Traffic Detection Model Using Transfer Learning Under Small Sample Conditions in IoT</title><author>Ge, Yueqin ; Gao, Yali ; Li, Xiaoyong ; Cai, Binsi ; Xi, Jinwen ; Yu, Shui</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c176t-3b435efca6f941803846459c321312bfcdbb682bce6cc02bc73fb91f0764d0783</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Adaptation models</topic><topic>Anomalies</topic><topic>Computational modeling</topic><topic>Data models</topic><topic>Datasets</topic><topic>Deep learning</topic><topic>Domain adaptation</topic><topic>Effectiveness</topic><topic>Information transfer</topic><topic>Internet of Things</topic><topic>Intrusion detection</topic><topic>Intrusion detection systems</topic><topic>Knowledge management</topic><topic>Labels</topic><topic>Machine learning</topic><topic>malicious traffic detection</topic><topic>Multilayers</topic><topic>residual convolutional autoencoder (RCAE)</topic><topic>small sample</topic><topic>Target detection</topic><topic>Transfer learning</topic><topic>transfer learning (TL)</topic><toplevel>online_resources</toplevel><creatorcontrib>Ge, Yueqin</creatorcontrib><creatorcontrib>Gao, Yali</creatorcontrib><creatorcontrib>Li, Xiaoyong</creatorcontrib><creatorcontrib>Cai, Binsi</creatorcontrib><creatorcontrib>Xi, Jinwen</creatorcontrib><creatorcontrib>Yu, Shui</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEEE internet of things journal</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Ge, Yueqin</au><au>Gao, Yali</au><au>Li, Xiaoyong</au><au>Cai, Binsi</au><au>Xi, Jinwen</au><au>Yu, Shui</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>EMTD-SSC: An Enhanced Malicious Traffic Detection Model Using Transfer Learning Under Small Sample Conditions in IoT</atitle><jtitle>IEEE internet of things journal</jtitle><stitle>JIoT</stitle><date>2024-10-01</date><risdate>2024</risdate><volume>11</volume><issue>19</issue><spage>30725</spage><epage>30741</epage><pages>30725-30741</pages><issn>2327-4662</issn><eissn>2327-4662</eissn><coden>IITJAU</coden><abstract>In the Internet of Things (IoT) scenario, the device diversity and data sparsity present a significant challenge for malicious traffic detection, notably the "small sample problem" where insufficient data hampers the performance of the deep learning methods that depend on large volumes of labeled data for training. Transfer learning (TL) has the capability to transfer knowledge from a label-rich but heterogeneous domain to a label-sparse domain, making it a powerful tool for addressing challenges in IoT malicious traffic detection. To address these challenges, we introduce the EMTD-SSC model, a novel enhanced malicious traffic detection model that leverages TL under small sample conditions in IoT environments. Initially, our approach includes a comprehensive labeled data set that merges a small-scale IoT intrusion detection domain with the traditional intrusion detection domain to enrich semantic information transfer from the source to target domains. The EMTD-SSC model employs dual residual convolutional autoencoders for robust feature extraction and transfer, incorporating skip connections to expedite the model convergence and minimize information loss. Furthermore, to optimize transfer efficiency, we minimize the multilayer multi kernel maximum mean discrepancy (MLMK-MMD) across corresponding network layers, facilitating effective domain adaptation. Through unsupervised training and subsequent fine tuning on the target domain data, the model significantly enhances anomaly detection capabilities. Extensive experiments on the two well-known public data sets demonstrate that the EMTD-SSC model's effectiveness, achieving an impressive 94.8% accuracy in the binary classification tasks.</abstract><cop>Piscataway</cop><pub>IEEE</pub><doi>10.1109/JIOT.2024.3413580</doi><tpages>17</tpages><orcidid>https://orcid.org/0000-0003-0458-8481</orcidid><orcidid>https://orcid.org/0000-0002-7504-3457</orcidid><orcidid>https://orcid.org/0000-0001-8337-4232</orcidid><orcidid>https://orcid.org/0000-0001-5597-9306</orcidid><orcidid>https://orcid.org/0000-0003-4485-6743</orcidid></addata></record>
fulltext	fulltext_linktorsrc
identifier	ISSN: 2327-4662
ispartof	IEEE internet of things journal, 2024-10, Vol.11 (19), p.30725-30741
issn	2327-4662 2327-4662
language	eng
recordid	cdi_ieee_primary_10555423
source	IEEE Electronic Library (IEL)
subjects	Adaptation models Anomalies Computational modeling Data models Datasets Deep learning Domain adaptation Effectiveness Information transfer Internet of Things Intrusion detection Intrusion detection systems Knowledge management Labels Machine learning malicious traffic detection Multilayers residual convolutional autoencoder (RCAE) small sample Target detection Transfer learning transfer learning (TL)
title	EMTD-SSC: An Enhanced Malicious Traffic Detection Model Using Transfer Learning Under Small Sample Conditions in IoT
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-05T19%3A19%3A14IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=EMTD-SSC:%20An%20Enhanced%20Malicious%20Traffic%20Detection%20Model%20Using%20Transfer%20Learning%20Under%20Small%20Sample%20Conditions%20in%20IoT&rft.jtitle=IEEE%20internet%20of%20things%20journal&rft.au=Ge,%20Yueqin&rft.date=2024-10-01&rft.volume=11&rft.issue=19&rft.spage=30725&rft.epage=30741&rft.pages=30725-30741&rft.issn=2327-4662&rft.eissn=2327-4662&rft.coden=IITJAU&rft_id=info:doi/10.1109/JIOT.2024.3413580&rft_dat=%3Cproquest_RIE%3E3110462864%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=3110462864&rft_id=info:pmid/&rft_ieee_id=10555423&rfr_iscdi=true