Intrusion Detection Through Deep Neural Networks with Anticipated Outputs for Fast and Reliable Inference
Abstract
Deep Neural Networks (DNN) are the state-of-the-art in intrusion detection, but they increase computational costs and are usually impractical for resource-limited devices. We present a novel early-exit DNN for fast inference and reliable intrusion detection. Our approach divides the DNN into branches, classifying most samples into the initial branches to reduce inference costs. Challenging samples in the latter branch are classified with a reject option, improving reliability. The multi-objective optimized method was tested on an 8 TB data set, reducing computational costs by up to 82% and decreasing error rates by up to 3.3%.References
Abreu, V., Santin, A. O., Viegas, E. K., and Stihler, M. (2017). A multi-domain role activation model. In 2017 IEEE International Conference on Communications (ICC). IEEE.
Al-Garadi, M. A., Mohamed, A., Al-Ali, A. K., Du, X., Ali, I., and Guizani, M. (2020). A survey of machine and deep learning methods for internet of things (IoT) security. IEEE Communications Surveys & Tutorials, 22(3):1646–1685.
Deb, K., Pratap, A., Agarwal, S., and Meyarivan, T. (2002). A fast and elitist multiobjective genetic algorithm: NSGA-II. IEEE Transactions on Evolutionary Computation, 6(2):182–197.
dos Santos, R. R., Viegas, E. K., Santin, A. O., and Tedeschi, P. (2023). Federated learning for reliable model updates in network-based intrusion detection. Computers amp; Security, 133:103413.
Fontugne, R., Borgnat, P., Abry, P., and Fukuda, K. (2010). MAWILab: Combining diverse anomaly detectors for automated anomaly labeling and performance benchmarking. In Proc. of the 6th Int. Conf. on emerging Networking EXperiments and Technologies (CoNEXT).
Ge, M., Syed, N. F., Fu, X., Baig, Z., and Robles-Kelly, A. (2021). Towards a deep learning-driven intrusion detection approach for internet of things. Computer Networks, 186:107784.
Geremias, J., Viegas, E. K., Santin, A. O., Britto, A., and Horchulhack, P. (2022). Towards multi-view android malware detection through image-based deep learning. In 2022 International Wireless Communications and Mobile Computing (IWCMC). IEEE.
Horchulhack, P., Viegas, E. K., Santin, A. O., Ramos, F. V., and Tedeschi, P. (2024a). Detection of quality of service degradation on multi-tenant containerized services. Journal of Network and Computer Applications, 224:103839.
Horchulhack, P., Viegas, E. K., Santin, A. O., and Simioni, J. A. (2024b). Network-based intrusion detection through image-based cnn and transfer learning. In 2024 International Wireless Communications and Mobile Computing (IWCMC). IEEE.
Laskaridis, S., Kouris, A., and Lane, N. D. (2021). Adaptive inference through early-exit networks. In Proceedings of the 5th International Workshop on Embedded and Mobile Deep Learning. ACM.
Li, E., Zeng, L., Zhou, Z., and Chen, X. (2020). Edge AI: On-demand accelerating deep neural network inference via edge computing. IEEE Transactions on Wireless Communications, 19(1):447–457.
Ma, L., Chai, Y., Cui, L., Ma, D., Fu, Y., and Xiao, A. (2020). A deep learning-based DDoS detection framework for internet of things. In IEEE International Conference on Communications (ICC). IEEE.
MAWI (2023). MAWI Working Group Traffic Archive - Samplepoint F.
Molina-Coronado, B., Mori, U., Mendiburu, A., and Miguel-Alonso, J. (2020). Survey of network intrusion detection methods from the perspective of the knowledge discovery in databases process. IEEE Transactions on Network and Service Management, 17:2451–2479.
Moore, A. (2005). Discriminators for use in flow-based classification. In Dept. Comput. Sci., Univ. London, London, U.K., Rep. RR-05-13.
Santos, R. R. d., Viegas, E. K., Santin, A. O., and Cogo, V. V. (2023). Reinforcement learning for intrusion detection: More model longness and fewer updates. IEEE Transactions on Network and Service Management, 20(2):2040–2055.
Seifeddine, W., Adjih, C., and Achir, N. (2021). Dynamic hierarchical neural network offloading in IoT edge networks. In 2021 10th IFIP International Conference on Performance Evaluation and Modeling in Wireless and Wired Networks (PEMWN). IEEE.
SonicWall (August, 2023 (accessed October 5, 2023)). Mid-Year Update: 2023 SonicWall Cyber Threat Report.
Viegas, E., Santin, A., Neves, N., Bessani, A., and Abreu, V. (2017). A resilient stream learning intrusion detection mechanism for real-time analysis of network traffic. In GLOBECOM 2017 - 2017 IEEE Global Communications Conference. IEEE.
Wang, Y., Qin, G., Zou, M., Liang, Y., Wang, G., Wang, K., Feng, Y., and Zhang, Z. (2023). A lightweight intrusion detection system for internet of vehicles based on transfer learning and MobileNetV2 with hyper-parameter optimization. Multimedia Tools and Applications.
Zhang, J., Li, F., and Ye, F. (2020). An ensemble-based network intrusion detection scheme with bayesian deep learning. In IEEE International Conference on Communications (ICC). IEEE.
Al-Garadi, M. A., Mohamed, A., Al-Ali, A. K., Du, X., Ali, I., and Guizani, M. (2020). A survey of machine and deep learning methods for internet of things (IoT) security. IEEE Communications Surveys & Tutorials, 22(3):1646–1685.
Deb, K., Pratap, A., Agarwal, S., and Meyarivan, T. (2002). A fast and elitist multiobjective genetic algorithm: NSGA-II. IEEE Transactions on Evolutionary Computation, 6(2):182–197.
dos Santos, R. R., Viegas, E. K., Santin, A. O., and Tedeschi, P. (2023). Federated learning for reliable model updates in network-based intrusion detection. Computers amp; Security, 133:103413.
Fontugne, R., Borgnat, P., Abry, P., and Fukuda, K. (2010). MAWILab: Combining diverse anomaly detectors for automated anomaly labeling and performance benchmarking. In Proc. of the 6th Int. Conf. on emerging Networking EXperiments and Technologies (CoNEXT).
Ge, M., Syed, N. F., Fu, X., Baig, Z., and Robles-Kelly, A. (2021). Towards a deep learning-driven intrusion detection approach for internet of things. Computer Networks, 186:107784.
Geremias, J., Viegas, E. K., Santin, A. O., Britto, A., and Horchulhack, P. (2022). Towards multi-view android malware detection through image-based deep learning. In 2022 International Wireless Communications and Mobile Computing (IWCMC). IEEE.
Horchulhack, P., Viegas, E. K., Santin, A. O., Ramos, F. V., and Tedeschi, P. (2024a). Detection of quality of service degradation on multi-tenant containerized services. Journal of Network and Computer Applications, 224:103839.
Horchulhack, P., Viegas, E. K., Santin, A. O., and Simioni, J. A. (2024b). Network-based intrusion detection through image-based cnn and transfer learning. In 2024 International Wireless Communications and Mobile Computing (IWCMC). IEEE.
Laskaridis, S., Kouris, A., and Lane, N. D. (2021). Adaptive inference through early-exit networks. In Proceedings of the 5th International Workshop on Embedded and Mobile Deep Learning. ACM.
Li, E., Zeng, L., Zhou, Z., and Chen, X. (2020). Edge AI: On-demand accelerating deep neural network inference via edge computing. IEEE Transactions on Wireless Communications, 19(1):447–457.
Ma, L., Chai, Y., Cui, L., Ma, D., Fu, Y., and Xiao, A. (2020). A deep learning-based DDoS detection framework for internet of things. In IEEE International Conference on Communications (ICC). IEEE.
MAWI (2023). MAWI Working Group Traffic Archive - Samplepoint F.
Molina-Coronado, B., Mori, U., Mendiburu, A., and Miguel-Alonso, J. (2020). Survey of network intrusion detection methods from the perspective of the knowledge discovery in databases process. IEEE Transactions on Network and Service Management, 17:2451–2479.
Moore, A. (2005). Discriminators for use in flow-based classification. In Dept. Comput. Sci., Univ. London, London, U.K., Rep. RR-05-13.
Santos, R. R. d., Viegas, E. K., Santin, A. O., and Cogo, V. V. (2023). Reinforcement learning for intrusion detection: More model longness and fewer updates. IEEE Transactions on Network and Service Management, 20(2):2040–2055.
Seifeddine, W., Adjih, C., and Achir, N. (2021). Dynamic hierarchical neural network offloading in IoT edge networks. In 2021 10th IFIP International Conference on Performance Evaluation and Modeling in Wireless and Wired Networks (PEMWN). IEEE.
SonicWall (August, 2023 (accessed October 5, 2023)). Mid-Year Update: 2023 SonicWall Cyber Threat Report.
Viegas, E., Santin, A., Neves, N., Bessani, A., and Abreu, V. (2017). A resilient stream learning intrusion detection mechanism for real-time analysis of network traffic. In GLOBECOM 2017 - 2017 IEEE Global Communications Conference. IEEE.
Wang, Y., Qin, G., Zou, M., Liang, Y., Wang, G., Wang, K., Feng, Y., and Zhang, Z. (2023). A lightweight intrusion detection system for internet of vehicles based on transfer learning and MobileNetV2 with hyper-parameter optimization. Multimedia Tools and Applications.
Zhang, J., Li, F., and Ye, F. (2020). An ensemble-based network intrusion detection scheme with bayesian deep learning. In IEEE International Conference on Communications (ICC). IEEE.
Published
2024-09-16
How to Cite
SIMIONI, João André; VIEGAS, Eduardo Kugler; SANTIN, Altair Olivo; HORCHULHACK, Pedro.
Intrusion Detection Through Deep Neural Networks with Anticipated Outputs for Fast and Reliable Inference. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 24. , 2024, São José dos Campos/SP.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2024
.
p. 242-255.
DOI: https://doi.org/10.5753/sbseg.2024.241485.
