Learning Latent Representation with Limited Labels for IoT Anomaly Detection

Authors

  • Nguyen Huu Noi
  • Tran Nguyen Ngoc

DOI:

https://doi.org/10.54654/isj.v3i20.986

Keywords:

AutoEncoder, semi-supervised, latent representation, IoT, malware detection

Tóm tắt

Abstract— Malware detection is a critical challenge in the current era, especially for IoT devices. Previous studies have applied analytic techniques to reduce data size and extract valuable information. However, most of these studies count on a considerable quantity of outliers to perform anomaly detection. In this paper, we propose an enhanced method (named FeaWAD*) that improves the data encoding strategy based on the FeaWAD network [1]. These models require only a small fraction of anomalies for training. We evaluate the FeaWAD* method on the N-BaIoT dataset with various test scenarios for detecting known attacks as well as unknown future attacks. The experimental results demonstrate that the FeaWAD* method outperforms the original model FeaWAD and other popular anomaly detection methods such as Isolation Forest, Local Outlier Factor, and One-class Support Vector Machine. We also measure the time-based effectiveness of the model to assess its practical applicability.

Downloads

Download data is not yet available.

References

Y. Zhou, X. Song, Y. Zhang, F. Liu, C. Zhu, and L. Liu, “Feature Encoding with AutoEncoders for Weakly-supervised Anomaly Detection,” IEEE Trans Neural Netw Learn Syst, vol. 33, no. 6, pp. 2454–2465, May 2021, doi: 10.1109/TNNLS.2021.3086137.

A. E. Omolara et al., “The internet of things security: A survey encompassing unexplored areas and new insights,” Comput Secur, vol. 112, p. 102494, Jan. 2022, doi: 10.1016/J.COSE.2021.102494.

D. T. Son, N. T. K. Tram, and P. M. Hieu, “Deep Learning Techniques to Detect Botnet,” Journal of Science and Technology on Information security, vol. 1, no. 15, pp. 85–91, Jun. 2022, doi: 10.54654/ISJ.V1I15.846.

N. Hung, Đ. Mai, N. T.-J. of S. and T. on, and undefined 2023, “Network attack classification framework based on Autoencoder model and online stream analysis technology,” isj.vn, Accessed: Sep. 26, 2023. [Online]. Available: https://isj.vn/index.php/journal_STIS/article/view/938

J. Liu et al., “Deep anomaly detection in packet payload,” Neurocomputing, vol. 485, pp. 205–218, May 2022, doi: 10.1016/J.NEUCOM.2021.01.146.

C. Qiu, T. Pfrommer, M. Kloft, S. Mandt, and M. Rudolph, “Neural Transformation Learning for Deep Anomaly Detection Beyond Images.” PMLR, pp. 8703–8714, Jul. 01, 2021. Accessed: Sep. 14, 2023. [Online]. Available: https://proceedings.mlr.press/v139/qiu21a.html

V. L. Cao, M. Nicolau, and J. McDermott, “Learning Neural Representations for Network Anomaly Detection,” IEEE Trans Cybern, vol. 49, no. 8, pp. 3074–3087, Aug. 2019, doi: 10.1109/TCYB.2018.2838668.

H. N. Nguyen, N. N. Tran, T. H. Hoang, and V. L. Cao, “Denoising Latent Representation with SOMs for Unsupervised IoT Malware Detection,” SN Computer Science 2022 3:6, vol. 3, no. 6, pp. 1–15, Sep. 2022, doi: 10.1007/S42979-022-01344-1.

G. Pang, C. Shen, and A. Van Den Hengel, “Deep anomaly detection with deviation networks,” Proceedings of the ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 353–362, Jul. 2019, doi: 10.1145/3292500.3330871.

L. Ruff et al., “DEEP SEMI-SUPERVISED ANOMALY DETECTION,” in 8th International Conference on Learning Representations, ICLR 2020, 2020.

T. Shenkar and L. Wolf, “ANOMALY DETECTION FOR TABULAR DATA WITH INTERNAL CONTRASTIVE LEARNING,” in ICLR 2022 - 10th International Conference on Learning Representations, 2022.

N. T. Dung, N. V. Quân, and N. V. Hùng, “Application of deep learning model in network reconnaissance attack detection,” Journal of Science and Technology on Information security, vol. 2, no. 16, pp. 60–72, Feb. 2022, doi: 10.54654/ISJ.V1I16.922.

B. Zong et al., “Deep autoencoding Gaussian mixture model for unsupervised anomaly detection,” in 6th International Conference on Learning Representations, ICLR 2018 - Conference Track Proceedings, 2018.

G. Pang, L. Chen, L. Cao, and H. Liu, “Learning representations of ultrahigh-dimensional data for random distance-based outlier detection,” Proceedings of the ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 2041–2050, Jul. 2018, doi: 10.1145/3219819.3220042.

C. Zhou and R. C. Paffenroth, “Anomaly detection with robust deep autoencoders,” Proceedings of the ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, vol. Part F129685, pp. 665–674, Aug. 2017, doi: 10.1145/3097983.3098052.

H. Xu et al., “Unsupervised Anomaly Detection via Variational Auto-Encoder for Seasonal KPIs in Web Applications,” The Web Conference 2018 - Proceedings of the World Wide Web Conference, WWW 2018, pp. 187–196, Apr. 2018, doi: 10.1145/3178876.3185996.

M. A. Siddiqui, R. Wright, A. Fern, A. Theriault, T. G. Dietterich, and D. W. Archer, “Feedback-guided anomaly discovery via online optimization,” Proceedings of the ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 2200–2209, Jul. 2018, doi: 10.1145/3219819.3220083.

L. Ruff et al., “Deep one-class classification,” in 35th International Conference on Machine Learning, ICML 2018, 2018.

Y. Meidan et al., “N-baiot—network-based detection of iot botnet attacks using deep autoencoders,” IEEE Pervasive Comput, vol. 17, no. 3, pp. 12–22, 2018.

Downloads

Abstract views: 231 / PDF downloads: 44

Published

2023-12-29

How to Cite

Noi, N. H., & Ngoc, T. N. (2023). Learning Latent Representation with Limited Labels for IoT Anomaly Detection. Journal of Science and Technology on Information Security, 3(20), 14-22. https://doi.org/10.54654/isj.v3i20.986

Issue

Section

Papers