Network Intrusion Detection in Internet of Blended Environment Using Ensemble of Heterogeneous Autoencoders(E-HAE)  

作　　者：Lelisa Adeba Jilcha Deuk-Hun Kim Julian Jang-Jaccard Jin Kwak 

机构地区：[1]ISAA Lab.,Department of AI Convergence Network,Ajou University,Suwon,16499,Korea [2]ISAA Lab.,Institute for Information and Communication,Ajou University,Suwon,16499,Korea [3]Department of Computer Science and Information Technology,Massey University,Auckland,0745,New Zealand [4]Department of Cyber Security,Ajou University,Suwon,16499,Korea

出　　处：《Computer Systems Science & Engineering》2023年第9期3261-3284,共24页计算机系统科学与工程（英文）

基　　金：This work was supported by the National Research Foundation of Korea(NRF)grant funded by the Korean government(MSIT)(No.2021R1A2C2011391);was supported by the Institute of Information&communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.2021-0-01806;Development of security by design and security management technology in smart factory).

摘　　要：Contemporary attackers,mainly motivated by financial gain,consistently devise sophisticated penetration techniques to access important information or data.The growing use of Internet of Things(IoT)technology in the contemporary convergence environment to connect to corporate networks and cloud-based applications only worsens this situation,as it facilitates multiple new attack vectors to emerge effortlessly.As such,existing intrusion detection systems suffer from performance degradation mainly because of insufficient considerations and poorly modeled detection systems.To address this problem,we designed a blended threat detection approach,considering the possible impact and dimensionality of new attack surfaces due to the aforementioned convergence.We collectively refer to the convergence of different technology sectors as the internet of blended environment.The proposed approach encompasses an ensemble of heterogeneous probabilistic autoencoders that leverage the corresponding advantages of a convolutional variational autoencoder and long short-term memory variational autoencoder.An extensive experimental analysis conducted on the TON_IoT dataset demonstrated 96.02%detection accuracy.Furthermore,performance of the proposed approach was compared with various single model(autoencoder)-based network intrusion detection approaches:autoencoder,variational autoencoder,convolutional variational autoencoder,and long short-term memory variational autoencoder.The proposed model outperformed all compared models,demonstrating F1-score improvements of 4.99%,2.25%,1.92%,and 3.69%,respectively.

关 键 词：Network intrusion detection anomaly detection TON_IoT dataset smart grid smart city smart factory digital healthcare autoencoder variational autoencoder LSTM convolutional variational autoencoder ensemble learning 

分 类 号：TP393.08[自动化与计算机技术—计算机应用技术]