EG-ConMix: An Intrusion Detection Method based on Graph Contrastive Learning
As the number of IoT devices increases, security concerns become more prominent. The impact of threats can be minimized by deploying Network Intrusion Detection System (NIDS) by monitoring network traffic, detecting and discovering intrusions, and issuing security alerts promptly. Most intrusion det...
Saved in:
Main Authors | , , , , , , , |
---|---|
Format | Journal Article |
Language | English |
Published |
24.03.2024
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Abstract | As the number of IoT devices increases, security concerns become more
prominent. The impact of threats can be minimized by deploying Network
Intrusion Detection System (NIDS) by monitoring network traffic, detecting and
discovering intrusions, and issuing security alerts promptly. Most intrusion
detection research in recent years has been directed towards the pair of
traffic itself without considering the interrelationships among them, thus
limiting the monitoring of complex IoT network attack events. Besides,
anomalous traffic in real networks accounts for only a small fraction, which
leads to a severe imbalance problem in the dataset that makes algorithmic
learning and prediction extremely difficult. In this paper, we propose an
EG-ConMix method based on E-GraphSAGE, incorporating a data augmentation module
to fix the problem of data imbalance. In addition, we incorporate contrastive
learning to discern the difference between normal and malicious traffic
samples, facilitating the extraction of key features. Extensive experiments on
two publicly available datasets demonstrate the superior intrusion detection
performance of EG-ConMix compared to state-of-the-art methods. Remarkably, it
exhibits significant advantages in terms of training speed and accuracy for
large-scale graphs. |
---|---|
AbstractList | As the number of IoT devices increases, security concerns become more
prominent. The impact of threats can be minimized by deploying Network
Intrusion Detection System (NIDS) by monitoring network traffic, detecting and
discovering intrusions, and issuing security alerts promptly. Most intrusion
detection research in recent years has been directed towards the pair of
traffic itself without considering the interrelationships among them, thus
limiting the monitoring of complex IoT network attack events. Besides,
anomalous traffic in real networks accounts for only a small fraction, which
leads to a severe imbalance problem in the dataset that makes algorithmic
learning and prediction extremely difficult. In this paper, we propose an
EG-ConMix method based on E-GraphSAGE, incorporating a data augmentation module
to fix the problem of data imbalance. In addition, we incorporate contrastive
learning to discern the difference between normal and malicious traffic
samples, facilitating the extraction of key features. Extensive experiments on
two publicly available datasets demonstrate the superior intrusion detection
performance of EG-ConMix compared to state-of-the-art methods. Remarkably, it
exhibits significant advantages in terms of training speed and accuracy for
large-scale graphs. |
Author | Lei, Shanshan Song, Hao Liao, Feilong Liu, Yuxin Wu, Lijin Zheng, Yuanjun Fu, Wentao Zhou, Jiajun |
Author_xml | – sequence: 1 givenname: Lijin surname: Wu fullname: Wu, Lijin – sequence: 2 givenname: Shanshan surname: Lei fullname: Lei, Shanshan – sequence: 3 givenname: Feilong surname: Liao fullname: Liao, Feilong – sequence: 4 givenname: Yuanjun surname: Zheng fullname: Zheng, Yuanjun – sequence: 5 givenname: Yuxin surname: Liu fullname: Liu, Yuxin – sequence: 6 givenname: Wentao surname: Fu fullname: Fu, Wentao – sequence: 7 givenname: Hao surname: Song fullname: Song, Hao – sequence: 8 givenname: Jiajun surname: Zhou fullname: Zhou, Jiajun |
BackLink | https://doi.org/10.48550/arXiv.2403.17980$$DView paper in arXiv |
BookMark | eNotj7FOwzAURT3AAIUPYMI_kPBc24nNVoUSKqVi6R49x6_UEjiVY6ry97SF6d47nCudW3YVx0iMPQgoldEanjAdw6GcK5ClqK2BG9Yt26IZ4zocn_ki8lXM6XsKY-QvlGnI57amvBs9dziR56fdJtzv-AnKCaccDsQ7whRD_Lhj11v8nOj-P2ds87rcNG9F996umkVXYFVD4QYSSoDQEr1WTgknbSWFrDwSKK0G64xBjbXVFgeott4DDdJUDufgwMgZe_y7vej0-xS-MP30Z63-oiV_AduPSOM |
ContentType | Journal Article |
Copyright | http://arxiv.org/licenses/nonexclusive-distrib/1.0 |
Copyright_xml | – notice: http://arxiv.org/licenses/nonexclusive-distrib/1.0 |
DBID | AKY GOX |
DOI | 10.48550/arxiv.2403.17980 |
DatabaseName | arXiv Computer Science arXiv.org |
DatabaseTitleList | |
Database_xml | – sequence: 1 dbid: GOX name: arXiv.org url: http://arxiv.org/find sourceTypes: Open Access Repository |
DeliveryMethod | fulltext_linktorsrc |
ExternalDocumentID | 2403_17980 |
GroupedDBID | AKY GOX |
ID | FETCH-LOGICAL-a670-bce1410153ad54b41b3963136dae0454c9b88a5a7959ac06fdd0ec386ba20b083 |
IEDL.DBID | GOX |
IngestDate | Fri Mar 29 12:25:22 EDT 2024 |
IsDoiOpenAccess | true |
IsOpenAccess | true |
IsPeerReviewed | false |
IsScholarly | false |
Language | English |
LinkModel | DirectLink |
MergedId | FETCHMERGED-LOGICAL-a670-bce1410153ad54b41b3963136dae0454c9b88a5a7959ac06fdd0ec386ba20b083 |
OpenAccessLink | https://arxiv.org/abs/2403.17980 |
ParticipantIDs | arxiv_primary_2403_17980 |
PublicationCentury | 2000 |
PublicationDate | 2024-03-24 |
PublicationDateYYYYMMDD | 2024-03-24 |
PublicationDate_xml | – month: 03 year: 2024 text: 2024-03-24 day: 24 |
PublicationDecade | 2020 |
PublicationYear | 2024 |
Score | 1.9158756 |
SecondaryResourceType | preprint |
Snippet | As the number of IoT devices increases, security concerns become more
prominent. The impact of threats can be minimized by deploying Network
Intrusion... |
SourceID | arxiv |
SourceType | Open Access Repository |
SubjectTerms | Computer Science - Cryptography and Security Computer Science - Learning |
Title | EG-ConMix: An Intrusion Detection Method based on Graph Contrastive Learning |
URI | https://arxiv.org/abs/2403.17980 |
hasFullText | 1 |
inHoldings | 1 |
isFullTextHit | |
isPrint | |
link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwdZ09T8MwEIat0okFgQCVT3lgNaSOYxy2qrQpiMJSpG7V-SOoi4vaCvXnc-cEwcIYx4vfJH7Pyt1zjN0UEnwI_VJYdHOhbKkEOG1EQHfJdcidSuXR01c9eVfP82LeYfynFgbWu-VXwwe2mzuCxd0SUgsP5XtSUspW9TZvfk4mFFc7_3cexphp6I9JjA_ZQRvd8UHzOI5YJ8Rj9jKqxHAVp8vdAx9E_hSpzgHl4I9hmxKhIp-mPs6cLMVzvK4II82JHLWGDW1IvOWgfpyw2Xg0G05E28RAgL7PhHWBMilxXwFfKKv6NsdXHmXwEIh-50prDBRALb_BZbr2PgsuN9qCzCzGR6esG1cx9Bj3tStd4U1tDB4ztLVSZlDjNyprnTsoz1gvLX3x2XAqFqTKIqly_v-tC7Yv0acprUqqS9ZFCcIV-uzWXiexvwEgwXzO |
link.rule.ids | 228,230,780,885 |
linkProvider | Cornell University |
openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=EG-ConMix%3A+An+Intrusion+Detection+Method+based+on+Graph+Contrastive+Learning&rft.au=Wu%2C+Lijin&rft.au=Lei%2C+Shanshan&rft.au=Liao%2C+Feilong&rft.au=Zheng%2C+Yuanjun&rft.date=2024-03-24&rft_id=info:doi/10.48550%2Farxiv.2403.17980&rft.externalDocID=2403_17980 |