The search functionality is under construction.
The search functionality is under construction.

Few-Shot Learning-Based Malicious IoT Traffic Detection with Prototypical Graph Neural Networks

Thin Tharaphe THEIN, Yoshiaki SHIRAISHI, Masakatu MORII

  • Full Text Views

    0

  • Cite this

Summary :

With a rapidly escalating number of sophisticated cyber-attacks, protecting Internet of Things (IoT) networks against unauthorized activity is a major concern. The detection of malicious attack traffic is thus crucial for IoT security to prevent unwanted traffic. However, existing traditional malicious traffic detection systems which relied on supervised machine learning approach need a considerable number of benign and malware traffic samples to train the machine learning models. Moreover, in the cases of zero-day attacks, only a few labeled traffic samples are accessible for analysis. To deal with this, we propose a few-shot malicious IoT traffic detection system with a prototypical graph neural network. The proposed approach does not require prior knowledge of network payload binaries or network traffic signatures. The model is trained on labeled traffic data and tested to evaluate its ability to detect new types of attacks when only a few labeled traffic samples are available. The proposed detection system first categorizes the network traffic as a bidirectional flow and visualizes the binary traffic flow as a color image. A neural network is then applied to the visualized traffic to extract important features. After that, using the proposed few-shot graph neural network approach, the model is trained on different few-shot tasks to generalize it to new unseen attacks. The proposed model is evaluated on a network traffic dataset consisting of benign traffic and traffic corresponding to six types of attacks. The results revealed that our proposed model achieved an F1 score of 0.91 and 0.94 in 5-shot and 10-shot classification, respectively, and outperformed the baseline models.

Publication
IEICE TRANSACTIONS on Information Vol.E106-D No.9 pp.1480-1489
Publication Date
2023/09/01
Publicized
2023/06/22
Online ISSN
1745-1361
DOI
10.1587/transinf.2022OFP0004
Type of Manuscript
Special Section PAPER (Special Section on Log Data Usage Technology and Office Information Systems)
Category

Authors

Thin Tharaphe THEIN
  Kobe University
Yoshiaki SHIRAISHI
  Kobe University
Masakatu MORII
  Kobe University

Keyword