Method based on contrastive incremental learning for fine-grained malicious traffic classification
In order to protect against continuously emerging unknown threats, a new method based on contrastive incremental learning for fine-grained malicious traffic classification was proposed.The proposed method was based on variational auto-encoder (VAE) and extreme value theory (EVT), and the high accura...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2023-03-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2023068/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841540062591844352 |
|---|---|
| author | Yifeng WANG Yuanbo GUO Qingli CHEN Chen FANG Renhao LIN Yongliang ZHOU Jiali MA |
| author_facet | Yifeng WANG Yuanbo GUO Qingli CHEN Chen FANG Renhao LIN Yongliang ZHOU Jiali MA |
| author_sort | Yifeng WANG |
| collection | DOAJ |
| description | In order to protect against continuously emerging unknown threats, a new method based on contrastive incremental learning for fine-grained malicious traffic classification was proposed.The proposed method was based on variational auto-encoder (VAE) and extreme value theory (EVT), and the high accuracy could be achieved in known, few-shot and unknown malicious classes and new classes were also identified without using a large number of old task samples, which met the demand of storage and time cost in incremental learning scenarios.Specifically, the contrastive learning was integrated into the encoder of VAE, and the A-Softmax was used for known and few-shot malicious traffic classification, EVT and the decoder of VAE were used for unknown malicious traffic recognition, all classes could be recognized without a lot of old samples when learning new tasks by using VAE reconstruction and knowledge distillation methods.Experimental results indicate that the proposed method is efficient in known, few-shot and unknown malicious classes, and has greatly reduced the forgetting speed of old knowledge in incremental learning scenarios. |
| format | Article |
| id | doaj-art-a7057c7fa61949bb8337696adc508ac2 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2023-03-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-a7057c7fa61949bb8337696adc508ac22025-01-14T06:23:17ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2023-03-014411159387488Method based on contrastive incremental learning for fine-grained malicious traffic classificationYifeng WANGYuanbo GUOQingli CHENChen FANGRenhao LINYongliang ZHOUJiali MAIn order to protect against continuously emerging unknown threats, a new method based on contrastive incremental learning for fine-grained malicious traffic classification was proposed.The proposed method was based on variational auto-encoder (VAE) and extreme value theory (EVT), and the high accuracy could be achieved in known, few-shot and unknown malicious classes and new classes were also identified without using a large number of old task samples, which met the demand of storage and time cost in incremental learning scenarios.Specifically, the contrastive learning was integrated into the encoder of VAE, and the A-Softmax was used for known and few-shot malicious traffic classification, EVT and the decoder of VAE were used for unknown malicious traffic recognition, all classes could be recognized without a lot of old samples when learning new tasks by using VAE reconstruction and knowledge distillation methods.Experimental results indicate that the proposed method is efficient in known, few-shot and unknown malicious classes, and has greatly reduced the forgetting speed of old knowledge in incremental learning scenarios.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2023068/network traffic classificationvariational auto-encoderincremental learningcontrastive learning |
| spellingShingle | Yifeng WANG Yuanbo GUO Qingli CHEN Chen FANG Renhao LIN Yongliang ZHOU Jiali MA Method based on contrastive incremental learning for fine-grained malicious traffic classification Tongxin xuebao network traffic classification variational auto-encoder incremental learning contrastive learning |
| title | Method based on contrastive incremental learning for fine-grained malicious traffic classification |
| title_full | Method based on contrastive incremental learning for fine-grained malicious traffic classification |
| title_fullStr | Method based on contrastive incremental learning for fine-grained malicious traffic classification |
| title_full_unstemmed | Method based on contrastive incremental learning for fine-grained malicious traffic classification |
| title_short | Method based on contrastive incremental learning for fine-grained malicious traffic classification |
| title_sort | method based on contrastive incremental learning for fine grained malicious traffic classification |
| topic | network traffic classification variational auto-encoder incremental learning contrastive learning |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2023068/ |
| work_keys_str_mv | AT yifengwang methodbasedoncontrastiveincrementallearningforfinegrainedmalicioustrafficclassification AT yuanboguo methodbasedoncontrastiveincrementallearningforfinegrainedmalicioustrafficclassification AT qinglichen methodbasedoncontrastiveincrementallearningforfinegrainedmalicioustrafficclassification AT chenfang methodbasedoncontrastiveincrementallearningforfinegrainedmalicioustrafficclassification AT renhaolin methodbasedoncontrastiveincrementallearningforfinegrainedmalicioustrafficclassification AT yongliangzhou methodbasedoncontrastiveincrementallearningforfinegrainedmalicioustrafficclassification AT jialima methodbasedoncontrastiveincrementallearningforfinegrainedmalicioustrafficclassification |