TY - JOUR
T1 - Stacked Autoencoder-Based Probabilistic Feature Extraction for On-Device Network Intrusion Detection
AU - Dao, Thi Nga
AU - Lee, Hyungjune
N1 - Funding Information:
This work was supported by the Samsung Research Funding & Incubation Center of Samsung Electronics under Project SRFC-TB1803-02.
Publisher Copyright:
© 2014 IEEE.
PY - 2022/8/15
Y1 - 2022/8/15
N2 - Due to the outbreak of recent network attacks, it is necessary to develop a robust network intrusion detection system (NIDS) that can quickly and effectively identify the network attack. Although the state-of-the-art detection algorithms have shown quite promising detection performance, they suffer from computationally intensive operations and large memory footprint, making themselves infeasible to applications at the resourceconstrained edge devices. We propose a lightweight yet effective NIDS scheme that incorporates a stacked autoencoder with a network pruning technique. By removing a set of ineffective neurons across layers in the autoencoder network with a certain probability based on their importance, a considerably large portion of relatively nominal training parameters are reduced. Then, the pruned and pretrained encoder network is used as-is and is connected with a separate classifier network for attack type inference, avoiding a full retraining from scratch. Experimental results indicate that our stacked autoencoder-based classification network with probabilistic feature extraction has outperformed the state-of-the-art NIDSs in terms of attack detection rate. Further, we have shown that our lightweight NIDS scheme has significantly reduced the computational complexity throughout the architecture, making it feasible to the edge, while maintaining a similar attack type detection quality compared with its original fully connected neural network.
AB - Due to the outbreak of recent network attacks, it is necessary to develop a robust network intrusion detection system (NIDS) that can quickly and effectively identify the network attack. Although the state-of-the-art detection algorithms have shown quite promising detection performance, they suffer from computationally intensive operations and large memory footprint, making themselves infeasible to applications at the resourceconstrained edge devices. We propose a lightweight yet effective NIDS scheme that incorporates a stacked autoencoder with a network pruning technique. By removing a set of ineffective neurons across layers in the autoencoder network with a certain probability based on their importance, a considerably large portion of relatively nominal training parameters are reduced. Then, the pruned and pretrained encoder network is used as-is and is connected with a separate classifier network for attack type inference, avoiding a full retraining from scratch. Experimental results indicate that our stacked autoencoder-based classification network with probabilistic feature extraction has outperformed the state-of-the-art NIDSs in terms of attack detection rate. Further, we have shown that our lightweight NIDS scheme has significantly reduced the computational complexity throughout the architecture, making it feasible to the edge, while maintaining a similar attack type detection quality compared with its original fully connected neural network.
KW - Anomaly classification
KW - feature extraction
KW - network intrusion detection system (NIDS)
KW - on-device AI
UR - http://www.scopus.com/inward/record.url?scp=85105884259&partnerID=8YFLogxK
U2 - 10.1109/JIOT.2021.3078292
DO - 10.1109/JIOT.2021.3078292
M3 - Article
AN - SCOPUS:85105884259
SN - 2327-4662
VL - 9
SP - 14438
EP - 14451
JO - IEEE Internet of Things Journal
JF - IEEE Internet of Things Journal
IS - 16
ER -