A Few-shot Based Model-Agnostic Meta-Learning for Intrusion Detection in Security of Internet of Things

Currently, the effective technologies used to protect the security of the Internet of Things include blockchain and intrusion detection systems. The traditional IoT intrusion detection systems based on supervised learning usually requires a large amount of data for training, with high costs, and mos...

Full description

Saved in:
Bibliographic Details
Published in:IEEE internet of things journal 2023-12, Vol.10 (24), p.1-1
Main Authors: Lu, Chaomeng, Wang, Xufeng, Yang, Aimin, Liu, Yikai, Dong, Ziao
Format: Article
Language:English
Subjects:
Classification algorithms
Convolutional Neural Network
Convolutional neural networks
Cryptography
Cyber security
Cybersecurity
Data models
Datasets
Few-shot learning
Internet of Things
Intrusion detection
Intrusion Detection System
Intrusion detection systems
Model-agnostic meta-learning
Supervised learning
Task analysis
Training
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Currently, the effective technologies used to protect the security of the Internet of Things include blockchain and intrusion detection systems. The traditional IoT intrusion detection systems based on supervised learning usually requires a large amount of data for training, with high costs, and most of them can only work in several specific types of attacks. Faced with the variability of current IoT attack methods and the complexity of the network environment, they are usually unable to play a role in a short time. Especially in dealing with new security problems such as Zero-day attacks, which have a small number of learnable samples. Therefore, this paper proposed an IoT intrusion detection model to deal with the situation where learnable samples are insufficient. The model adopts the idea of meta-learning and divides the training process into two layers based on model-agnostic meta-learning. Its purpose is to train a relatively general model using the malicious network flow data of various known attack modes. To this end, a few-shot IoT intrusion detection dataset, FSIDS-IoT, is constructed based on five datasets, namely CIC-DDoS2019, CIC-IDS2017, CSE-CIC-IDS2018, NSL-KDD, and UNSW-NB15. Experiments show that our proposed approach, using only a few gradient steps and a small amount of training data from the new attack type, can perform well to protect cyber security. In the test of identifying unknown attacks, the optimal accuracy under the 5-way 1-shot setting reached 78.26%, 90.09% under the 5-way 5-shot setting, and 92.19% under the 5-way 10-shot setting.
ISSN:2327-4662
2327-4662
DOI:10.1109/JIOT.2023.3283408