Pf-tl: Payload feature-based transfer learning for dealing with the lack of training data

Research output: Contribution to journalArticlepeer-review

Abstract

The number of studies on applying machine learning to cyber security has increased over the past few years. These studies, however, are facing difficulties with making themselves usable in the real world, mainly due to the lack of training data and reusability of a created model. While transfer learning seems like a solution to these problems, the number of studies in the field of intrusion detection is still insufficient. Therefore, this study proposes payload feature-based transfer learning as a solution to the lack of training data when applying machine learning to intrusion detection by using the knowledge from an already known domain. Firstly, it expands the extracting range of information from header to payload to accurately deliver the information by using an effective hybrid feature extraction method. Secondly, this study provides an improved optimization method for the extracted features to create a labeled dataset for a target domain. This proposal was validated on publicly available datasets, using three distinctive scenarios, and the results confirmed its usability in practice by increasing the accuracy of the training data created from the transfer learning by 30%, compared to that of the non-transfer learning method. In addition, we showed that this approach can help in identifying previously unknown attacks and reusing models from different domains.

Original languageEnglish
Article number1148
JournalElectronics (Switzerland)
Volume10
Issue number10
DOIs
Publication statusPublished - 2021 May 2

Keywords

  • Intrusion detection
  • Knowledge transfer
  • Machine learning
  • Payloads
  • Transfer learning

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Signal Processing
  • Hardware and Architecture
  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'Pf-tl: Payload feature-based transfer learning for dealing with the lack of training data'. Together they form a unique fingerprint.

Cite this