恶意软件
计算机科学
有效载荷(计算)
计算机安全
互联网
计算机网络
人工智能
源代码
深度学习
数据挖掘
领域(数学分析)
机器学习
适应(眼睛)
学习迁移
域适应
编码(集合论)
钥匙(锁)
僵尸网络
分类器(UML)
万维网
数学分析
物理
数学
光学
集合(抽象数据类型)
网络数据包
程序设计语言
操作系统
作者
Jinhui Ning,Guan Gui,Yu Wang,Jie Yang,Bamidele Adebisi,Song Ci,Haris Gacanin,Fumiyuki Adachi
标识
DOI:10.1109/jiot.2021.3131981
摘要
Malware traffic classification (MTC) is a key technology for anomaly and intrusion detection in secure Industrial Internet of Things (IIoT). Traditional MTC methods based on port, payload, and statistic depend on the manual-designed features, which have low accuracy. Recently, deep-learning methods have attracted a significant attention due to their high accuracy in terms of classification. However, in practical application scenarios, deep-learning methods require a large amount of labeled samples for training, while the available labeled samples for training are very rare. Furthermore, the preparation of a large amount of labeled samples requires a lot of labor costs. To solve these problems, this article proposes three methods based on semisupervised learning (SSL), transfer learning (TL), and domain adaptive (DA), respectively. Our proposed methods use a large amount of unlabeled data collected in the Internet traffic, which can greatly improve the classification accuracy with few labeled samples. Then, we use the DA method to solve the mismatch problem between the source domain and the target domain in the TL process. The proposed method is not only applicable to the shallow network but also to the deep neural network structure, and can achieve better classification results. Experimental results show that our proposed methods can satisfy the requirement of MTC in the case of few labeled samples in IIoT. The source code for all the experiments is available at GitHub.The code of this article can be downloaded from GitHub link: https://github.com/yzjh/Keras-MTC-DA-Ladder .
科研通智能强力驱动
Strongly Powered by AbleSci AI