EG-ConMix: An Intrusion Detection Method based on Graph Contrastive Learning
Format | Journal Article |
---|---|
Language | English |
Published | 24.03.2024 |
Summary: | As the number of IoT devices increases, security concerns become more prominent. The impact of threats can be minimized by deploying Network Intrusion Detection System (NIDS) by monitoring network traffic, detecting and discovering intrusions, and issuing security alerts promptly. Most intrusion detection research in recent years has been directed towards the pair of traffic itself without considering the interrelationships among them, thus limiting the monitoring of complex IoT network attack events. Besides, anomalous traffic in real networks accounts for only a small fraction, which leads to a severe imbalance problem in the dataset that makes algorithmic learning and prediction extremely difficult. In this paper, we propose an EG-ConMix method based on E-GraphSAGE, incorporating a data augmentation module to fix the problem of data imbalance. In addition, we incorporate contrastive learning to discern the difference between normal and malicious traffic samples, facilitating the extraction of key features. Extensive experiments on two publicly available datasets demonstrate the superior intrusion detection performance of EG-ConMix compared to state-of-the-art methods. Remarkably, it exhibits significant advantages in terms of training speed and accuracy for large-scale graphs. |
---|---|
DOI: | 10.48550/arxiv.2403.17980 |