Riemannian Space-based Mutual Learning for Cyber Attack Detection
Authors: 
Hua Huang, Yansheng Qu, Ming Li, Zihan Liu, Hua Sheng, Lina ZhaoAuthors Info & Claims
Pages 136 - 142
Abstract
With the continuous development of information technology, the popularity of intelligent devices not only provides great convenience to people's life, but also provides prerequisites for cyber attacks. Deep learning-based cyber attack detection methods have rapidly developed with powerful feature representation and extraction capabilities. However, deep learning-based cyber attack detection models built in traditional Euclidean space cannot effectively capture the complex topology in the attack graphs. In order to efficiently model the potential patterns in the cyber attack graph and thus improve the detection accuracy, a cyber attack detection model built in dual curvatured Riemannian spaces with mutual learning (namely RSML) is proposed. Unlike existing methods, RSML migrates the cyber attack detection model in the traditional Euclidean space to a heterogeneous non-Euclidean learning space and uses the large-scale hierarchical and circular graph structure pattern modeling capabilities possessed by the non-Euclidean curvatured Riemannian geometry space to obtain high-quality attack graph representation vectors, thereby improves the cyber attack detection accuracy. Besides, we innovatively introduce the mutual learning to enable mutual knowledge distillation from dual Riemannian spaces and thus promotes the fusion of complex topological structure features in different embedding spaces. The experimental results show that the proposed method can effectively analyze and detect cyber attacks.
References
[1]
WEI L M.Research on Network Security Risk Mining and Estimation Based on Big Data Analysis[J]. Techniques of Automation and Applications,2022,41(08):80-83.
[2]
LI T. Research on the Application of Deep Learning in Network Security Defense[J]. Network Security Technology & Application,2020(01):34-35.
[3]
WANG S M, WANG H. Intrusion Detection Technology Based on Deep Learning[J]. Network Security Technology & Application,2021(11):10-11.
[4]
BACHMANN G, BÉCIGNEUL G, GANEA O. Constant curvature graph convolutional networks[C]//International Conference on Machine Learning. PMLR, 2020: 486-496.
[5]
GU A, SALA F, GUNEL B, Learning mixed-curvature representations in product spaces[C]//International Conference on Learning Representations. 2018.
[6]
GANEA O, BÉCIGNEUL G, HOFMANN T. Hyperbolic neural networks[J]. Advances in neural information processing systems, 2018, 31.
[7]
ZHANG Y, XIANG T, HOSPEDALES T M, Deep mutual learning[C]//Proceedings of the IEEE conference on computer vision and pattern recognition. 2018: 4320-4328.
[8]
ZHANG D. Research on Security Framework of Radio and TV Network Based on K-Means Method[J]. New Technology & New Products of China, 2020(05):15-17.
[9]
WU N X, LU X Q. Active defense method of network attack based on K-means algorithm and honeypot technology[J]. Telecommunications Information, 2022(10):31-34.
[10]
ZHAO Y. Application of K-means Clustering Algorithm and Logical Regression Model in Network Security[D]. University of International Business and Economics, 2019.
[11]
YANG L, WANG X H, FAN L F. Research on Network Security Situation Elements Extraction Based on Approximate Information Entropy and Random Forest[J]. Network Security Technology & Application, 2022(03):48-49.
[12]
HURLEY N, CHENG Z, ZHANG M. Statistical attack detection[C]//Proceedings of the third ACM conference on Recommender systems. 2009: 149-156.
[13]
PANG M, ZHOU Z H. Unorganized malicious attacks detection[J]. SCIENTIA SINICA Informationis, 2018, 48(2):10.
[14]
PAJOUH H H, JAVIDAN R, KHAYAMI R, A two-layer dimension reduction and two-tier classification model for anomaly-based intrusion detection in IoT backbone networks[J]. IEEE Transactions on Emerging Topics in Computing, 2016, 7(2): 314-323.
[15]
LI Q, DONG J H, GUAN Z T, A Clustering and Classifi cation-based Malicious Attack Detection Method for Internet of Things[J]. Netinfo Security, 2021 (8): 82-90.
[16]
LIU X Y, YAN W, MENG X Y, HOU K M. A method of finding cyber security user based on network representation learning[J]. CYBER SECURITY AND DATA GOVERNANCE, 2022,41(07):78-82.
[17]
SU X Y, DONG Z W, SUN L H, XU K K. Network Security Situation Prediction Method Based on Sigmoid Weighted Strengthened LSTM[J]. Computer Technology and Development,2021,31(07):127-133.
[18]
SHI F H, LI M F. Network Security Situation Prediction by Fusing Word Embedding and Channel Attention Mechanism[J]. Video Engineering,2022,46(07):22-28.
[19]
POTLURI S, DIEDRICH C. Accelerated deep neural networks for enhanced intrusion detection system[C]//2016 IEEE 21st international conference on emerging technologies and factory automation (ETFA). IEEE, 2016: 1-8.
[20]
ZHOU L, OUYANG X, YING H, Cyber-attack classification in smart grid via deep neural network[C]//Proceedings of the 2nd international conference on computer science and application engineering. 2018: 1-5.
[21]
KIM J, KIM J, THU H L T, Long short term memory recurrent neural network classifier for intrusion detection[C]//2016 international conference on platform technology and service (PlatCon). IEEE, 2016: 1-5.
[22]
FARAHNAKIAN F, HEIKKONEN J. A deep auto-encoder based approach for intrusion detection system[C]//2018 20th International Conference on Advanced Communication Technology (ICACT). IEEE, 2018: 178-183.
[23]
YAO R, LIU C, ZHANG L, Unsupervised anomaly detection using variational auto-encoder based feature extraction[C]//2019 IEEE International Conference on Prognostics and Health Management (ICPHM). IEEE, 2019: 1-7.
[24]
ZHAO D M, LI Z J. Network security situation prediction based on Transformer[J]. Journal of Huazhong University of Science and Technology(Natural Science Edition),2022,50(05):46-52.
[25]
WANG S, WEI X, NOGUEIRA DOS SANTOS C N, Mixed-curvature multi-relational graph neural network for knowledge graph completion[C]//Proceedings of the Web Conference 2021. 2021: 1761-1771.
[26]
ZHANG S, TONG H, XU J, Graph convolutional networks: a comprehensive review[J]. Computational Social Networks, 2019, 6(1): 1-23.
[27]
CREECH G, HU J . A Semantic Approach to Host-Based Intrusion Detection Systems Using Contiguousand Discontiguous System Call Patterns[J]. IEEE Transactions on Computers, 2014, 63(4):807-819.
[28]
WANG H. An Intrusion Detection Method Based on Random Forests Algorithm[J]. Computer Engineering & Software,2016,37(11):60-63.
[29]
HU X D, LV G F, BAI Y. A Method of Security Situation Prediction for Industrial Internet Based on Optimized Support Vector Regression[J]. Acta Electronica Sinica,2022: 1.
[30]
CHEN T, He T, BENESTY M, Xgboost: extreme gradient boosting[J]. R package version 0.4-2, 2015, 1(4): 1-4.
[31]
VELIČKOVIĆ P, CUCURULL G, CASANOVA A, Graph attention networks[J]. arXiv preprint arXiv:1710.10903, 2017.
[32]
ZHANG J, SHI X, XIE J, Gaan: Gated attention networks for learning on large and spatiotemporal graphs[J]. arXiv preprint arXiv:1803.07294, 2018.
[33]
HAMILTON W, YING Z, LESKOVEC J. Inductive representation learning on large graphs[J]. Advances in neural information processing systems, 2017, 30.
Index Terms
- Riemannian Space-based Mutual Learning for Cyber Attack Detection
Recommendations
Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain
In recent years, machine learning algorithms, and more specifically deep learning algorithms, have been widely used in many fields, including cyber security. However, machine learning systems are vulnerable to adversarial attacks, and this limits the ...
Defend against adversarial attacks in malware detection through attack space management
AbstractIn recent years, the application of machine learning techniques based on byte sequences in malware detection has become a prominent research area. However, relevant studies have shown that machine learning methods are susceptible to adversarial ...
Robust DDoS attack detection with adaptive transfer learning
AbstractIn the evolving cybersecurity landscape, the rising frequency of Distributed Denial of Service (DDoS) attacks requires robust defense mechanisms to safeguard network infrastructure availability and integrity. Deep Learning (DL) models have ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
October 2023
196 pages
ISBN:9798400709456
DOI:10.1145/3635638
Copyright © 2023 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 16 January 2024
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Funding Sources
- Science and Technology Project of State Grid Shandong Electric Power Company: Research on Key Technologies of Complex Cyberspace Attack Behavior Analysis Based on Object Portrait
Conference
MLMI 2023
MLMI 2023: The 6th International Conference on Machine Learning and Machine Intelligence
October 27 - 29, 2023
Chongqing, China
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 23Total Downloads
- Downloads (Last 12 months)18
- Downloads (Last 6 weeks)4
Reflects downloads up to 03 Mar 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign inFull Access
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML Format