IDS-INT:Intrusion detection system using transformer-based transfer learning for imbalanced network traffic

作     者：Farhan Ullah Shamsher Ullah Gautam Srivastava Jerry Chun-Wei Lin Farhan Ullah;Shamsher Ullah;Gautam Srivastava;Jerry Chun-Wei Lin

作者机构：School of SoftwareNorthwestern Polytechnical UniversityXian710072ShaanxiChina Knowledge Unit of Systems and TechnologyUniversity of Management and TechnologySialkot 51040Pakistan Department of Math and Computer ScienceBrandon UniversityBrandonMB R7A 6A9Canada Department of Computer Science and MathLebanese American UniversityBeirut1102Lebanon Western Norway University of Applied SciencesBergenNorway Research Centre for Interneural ComputingChina Medical UniversityTaichungTaiwanChina 

出 版 物：《Digital Communications and Networks》 (数字通信与网络（英文版）)

年 卷 期：2024年第10卷第1期

页      面：190-204页

核心收录：

学科分类：12[管理学] 1201[管理学-管理科学与工程(可授管理学、工学学位)] 08[工学] 081201[工学-计算机系统结构] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

主　　题：Network intrusion detection Transfer learning Features extraction Imbalance data Explainable AI Cybersecurity 

摘      要：A network intrusion detection system is critical for cyber security against llegitimate *** terms of feature perspectives,network traffic may include a variety of elements such as attack reference,attack type,a subcategory of attack,host information,malicious scripts,*** terms of network perspectives,network traffic may contain an imbalanced number of harmful attacks when compared to normal *** is challenging to identify a specific attack due to complex features and data imbalance *** address these issues,this paper proposes an Intrusion Detection System using transformer-based transfer learning for Imbalanced Network Traffic(IDS-INT).IDS-INT uses transformer-based transfer learning to learn feature interactions in both network feature representation and imbalanced ***,detailed information about each type of attack is gathered from network interaction descriptions,which include network nodes,attack type,reference,host information,***,the transformer-based transfer learning approach is developed to learn detailed feature representation using their semantic ***,the Synthetic Minority Oversampling Technique(SMOTE)is implemented to balance abnormal traffic and detect minority ***,the Convolution Neural Network(CNN)model is designed to extract deep features from the balanced network ***,the hybrid approach of the CNN-Long Short-Term Memory(CNN-LSTM)model is developed to detect different types of attacks from the deep *** experiments are conducted to test the proposed approach using three standard datasets,i.e.,UNsWNB15,CIC-IDS2017,and *** explainable AI approach is implemented to interpret the proposed method and develop a trustable model.