Detecção de Intrusão Através de Redes Neurais Profundas com Saídas Antecipadas para Inferência Rápida e Confiável
Resumo
Redes Neurais Profundas (DNN) representam o estado da arte em detecção de intrusões, mas aumentam os custos computacionais, tornando-as impraticáveis para dispositivos com recursos limitados. Apresentamos uma nova DNN com saída antecipada para inferência rápida e detecção confiável de intrusões. Nossa abordagem divide a DNN em ramificações, classificando a maioria das amostras nas ramificações iniciais para reduzir os custos de inferência. Amostras que apresentam um desafio maior de classificação são categorizadas na última ramificação, utilizando uma opção de rejeição para aprimorar a confiabilidade. O método de otimização multi-objetivo foi testado em um conjunto de dados de 8 TB, resultando em uma redução de até 82% nos custos computacionais e diminuição das taxas de erro em até 3,3%.Referências
Abreu, V., Santin, A. O., Viegas, E. K., and Stihler, M. (2017). A multi-domain role activation model. In 2017 IEEE International Conference on Communications (ICC). IEEE.
Al-Garadi, M. A., Mohamed, A., Al-Ali, A. K., Du, X., Ali, I., and Guizani, M. (2020). A survey of machine and deep learning methods for internet of things (IoT) security. IEEE Communications Surveys & Tutorials, 22(3):1646–1685.
Deb, K., Pratap, A., Agarwal, S., and Meyarivan, T. (2002). A fast and elitist multiobjective genetic algorithm: NSGA-II. IEEE Transactions on Evolutionary Computation, 6(2):182–197.
dos Santos, R. R., Viegas, E. K., Santin, A. O., and Tedeschi, P. (2023). Federated learning for reliable model updates in network-based intrusion detection. Computers amp; Security, 133:103413.
Fontugne, R., Borgnat, P., Abry, P., and Fukuda, K. (2010). MAWILab: Combining diverse anomaly detectors for automated anomaly labeling and performance benchmarking. In Proc. of the 6th Int. Conf. on emerging Networking EXperiments and Technologies (CoNEXT).
Ge, M., Syed, N. F., Fu, X., Baig, Z., and Robles-Kelly, A. (2021). Towards a deep learning-driven intrusion detection approach for internet of things. Computer Networks, 186:107784.
Geremias, J., Viegas, E. K., Santin, A. O., Britto, A., and Horchulhack, P. (2022). Towards multi-view android malware detection through image-based deep learning. In 2022 International Wireless Communications and Mobile Computing (IWCMC). IEEE.
Horchulhack, P., Viegas, E. K., Santin, A. O., Ramos, F. V., and Tedeschi, P. (2024a). Detection of quality of service degradation on multi-tenant containerized services. Journal of Network and Computer Applications, 224:103839.
Horchulhack, P., Viegas, E. K., Santin, A. O., and Simioni, J. A. (2024b). Network-based intrusion detection through image-based cnn and transfer learning. In 2024 International Wireless Communications and Mobile Computing (IWCMC). IEEE.
Laskaridis, S., Kouris, A., and Lane, N. D. (2021). Adaptive inference through early-exit networks. In Proceedings of the 5th International Workshop on Embedded and Mobile Deep Learning. ACM.
Li, E., Zeng, L., Zhou, Z., and Chen, X. (2020). Edge AI: On-demand accelerating deep neural network inference via edge computing. IEEE Transactions on Wireless Communications, 19(1):447–457.
Ma, L., Chai, Y., Cui, L., Ma, D., Fu, Y., and Xiao, A. (2020). A deep learning-based DDoS detection framework for internet of things. In IEEE International Conference on Communications (ICC). IEEE.
MAWI (2023). MAWI Working Group Traffic Archive - Samplepoint F.
Molina-Coronado, B., Mori, U., Mendiburu, A., and Miguel-Alonso, J. (2020). Survey of network intrusion detection methods from the perspective of the knowledge discovery in databases process. IEEE Transactions on Network and Service Management, 17:2451–2479.
Moore, A. (2005). Discriminators for use in flow-based classification. In Dept. Comput. Sci., Univ. London, London, U.K., Rep. RR-05-13.
Santos, R. R. d., Viegas, E. K., Santin, A. O., and Cogo, V. V. (2023). Reinforcement learning for intrusion detection: More model longness and fewer updates. IEEE Transactions on Network and Service Management, 20(2):2040–2055.
Seifeddine, W., Adjih, C., and Achir, N. (2021). Dynamic hierarchical neural network offloading in IoT edge networks. In 2021 10th IFIP International Conference on Performance Evaluation and Modeling in Wireless and Wired Networks (PEMWN). IEEE.
SonicWall (August, 2023 (accessed October 5, 2023)). Mid-Year Update: 2023 SonicWall Cyber Threat Report.
Viegas, E., Santin, A., Neves, N., Bessani, A., and Abreu, V. (2017). A resilient stream learning intrusion detection mechanism for real-time analysis of network traffic. In GLOBECOM 2017 - 2017 IEEE Global Communications Conference. IEEE.
Wang, Y., Qin, G., Zou, M., Liang, Y., Wang, G., Wang, K., Feng, Y., and Zhang, Z. (2023). A lightweight intrusion detection system for internet of vehicles based on transfer learning and MobileNetV2 with hyper-parameter optimization. Multimedia Tools and Applications.
Zhang, J., Li, F., and Ye, F. (2020). An ensemble-based network intrusion detection scheme with bayesian deep learning. In IEEE International Conference on Communications (ICC). IEEE.
Al-Garadi, M. A., Mohamed, A., Al-Ali, A. K., Du, X., Ali, I., and Guizani, M. (2020). A survey of machine and deep learning methods for internet of things (IoT) security. IEEE Communications Surveys & Tutorials, 22(3):1646–1685.
Deb, K., Pratap, A., Agarwal, S., and Meyarivan, T. (2002). A fast and elitist multiobjective genetic algorithm: NSGA-II. IEEE Transactions on Evolutionary Computation, 6(2):182–197.
dos Santos, R. R., Viegas, E. K., Santin, A. O., and Tedeschi, P. (2023). Federated learning for reliable model updates in network-based intrusion detection. Computers amp; Security, 133:103413.
Fontugne, R., Borgnat, P., Abry, P., and Fukuda, K. (2010). MAWILab: Combining diverse anomaly detectors for automated anomaly labeling and performance benchmarking. In Proc. of the 6th Int. Conf. on emerging Networking EXperiments and Technologies (CoNEXT).
Ge, M., Syed, N. F., Fu, X., Baig, Z., and Robles-Kelly, A. (2021). Towards a deep learning-driven intrusion detection approach for internet of things. Computer Networks, 186:107784.
Geremias, J., Viegas, E. K., Santin, A. O., Britto, A., and Horchulhack, P. (2022). Towards multi-view android malware detection through image-based deep learning. In 2022 International Wireless Communications and Mobile Computing (IWCMC). IEEE.
Horchulhack, P., Viegas, E. K., Santin, A. O., Ramos, F. V., and Tedeschi, P. (2024a). Detection of quality of service degradation on multi-tenant containerized services. Journal of Network and Computer Applications, 224:103839.
Horchulhack, P., Viegas, E. K., Santin, A. O., and Simioni, J. A. (2024b). Network-based intrusion detection through image-based cnn and transfer learning. In 2024 International Wireless Communications and Mobile Computing (IWCMC). IEEE.
Laskaridis, S., Kouris, A., and Lane, N. D. (2021). Adaptive inference through early-exit networks. In Proceedings of the 5th International Workshop on Embedded and Mobile Deep Learning. ACM.
Li, E., Zeng, L., Zhou, Z., and Chen, X. (2020). Edge AI: On-demand accelerating deep neural network inference via edge computing. IEEE Transactions on Wireless Communications, 19(1):447–457.
Ma, L., Chai, Y., Cui, L., Ma, D., Fu, Y., and Xiao, A. (2020). A deep learning-based DDoS detection framework for internet of things. In IEEE International Conference on Communications (ICC). IEEE.
MAWI (2023). MAWI Working Group Traffic Archive - Samplepoint F.
Molina-Coronado, B., Mori, U., Mendiburu, A., and Miguel-Alonso, J. (2020). Survey of network intrusion detection methods from the perspective of the knowledge discovery in databases process. IEEE Transactions on Network and Service Management, 17:2451–2479.
Moore, A. (2005). Discriminators for use in flow-based classification. In Dept. Comput. Sci., Univ. London, London, U.K., Rep. RR-05-13.
Santos, R. R. d., Viegas, E. K., Santin, A. O., and Cogo, V. V. (2023). Reinforcement learning for intrusion detection: More model longness and fewer updates. IEEE Transactions on Network and Service Management, 20(2):2040–2055.
Seifeddine, W., Adjih, C., and Achir, N. (2021). Dynamic hierarchical neural network offloading in IoT edge networks. In 2021 10th IFIP International Conference on Performance Evaluation and Modeling in Wireless and Wired Networks (PEMWN). IEEE.
SonicWall (August, 2023 (accessed October 5, 2023)). Mid-Year Update: 2023 SonicWall Cyber Threat Report.
Viegas, E., Santin, A., Neves, N., Bessani, A., and Abreu, V. (2017). A resilient stream learning intrusion detection mechanism for real-time analysis of network traffic. In GLOBECOM 2017 - 2017 IEEE Global Communications Conference. IEEE.
Wang, Y., Qin, G., Zou, M., Liang, Y., Wang, G., Wang, K., Feng, Y., and Zhang, Z. (2023). A lightweight intrusion detection system for internet of vehicles based on transfer learning and MobileNetV2 with hyper-parameter optimization. Multimedia Tools and Applications.
Zhang, J., Li, F., and Ye, F. (2020). An ensemble-based network intrusion detection scheme with bayesian deep learning. In IEEE International Conference on Communications (ICC). IEEE.
Publicado
16/09/2024
Como Citar
SIMIONI, João André; VIEGAS, Eduardo Kugler; SANTIN, Altair Olivo; HORCHULHACK, Pedro.
Detecção de Intrusão Através de Redes Neurais Profundas com Saídas Antecipadas para Inferência Rápida e Confiável. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 24. , 2024, São José dos Campos/SP.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2024
.
p. 242-255.
DOI: https://doi.org/10.5753/sbseg.2024.241485.
