Network intrusion detection system (NIDS) based on pseudo-siamese stacked autoencoders in fog computing

Document Type

Journal Article

Publication Title

IEEE Transactions on Services Computing

Volume

16

Issue

6

First Page

4317

Last Page

4327

Publisher

IEEE

School

School of Engineering

RAS ID

62433

Funders

Beijing Natural Science Foundation

Comments

Tu, S., Waqas, M., Badshah, A., Yin, M., & Abbas, G. (2023). Network intrusion detection system (NIDS) based on pseudo-siamese stacked autoencoders in fog computing. IEEE Transactions on Services Computing, 16(6), 4317-4327. https://doi.org/10.1109/TSC.2023.3319953

Abstract

The proliferation of Internet of Things (IoT) devices in the 5G era has resulted in increased security vulnerabilities and zero-day attacks, underscoring the importance of network intrusion detection systems (NIDS). However, existing NIDS have limitations in terms of accuracy, recall rates, false alarm rates, and generalization capabilities, and they cannot meet the IoT's requirements for low latency and limited computing resources. To overcome these challenges, we propose a NIDS based on a pseudo-siamese stacked autoencoder (PSSAE), deployed in the fog computing layer. Our system uses unsupervised training of stacked autoencoders (SAEs) to extract deep semantic features of normal and abnormal traffic, followed by supervised learning with labels to improve characterization and classification capabilities. The results show that our proposed method's accuracy and detection rate (DR) is 2% to 15% and 1%-14% higher than the existing techniques using the KDDTest+ dataset, respectively. Our proposed method outperformed the existing methods by 1% to 4% using the KDDTest+ dataset. The F1-Score is higher by 3%-11.55% using the KDDTest+ dataset. On the other hand, using the KDDTest-21 dataset, the accuracy of our proposed method also outperformed the existing technique by 6.09%-13.81%. The DR and F1-Score are higher by 7.02% and 5.57%, respectively, using the KDDTest+ dataset. This is due to the fact that each layer of the network trained by SAEs is more capable of extracting the semantic features of the data than the DNN-trained network directly.

DOI

10.1109/TSC.2023.3319953

Access Rights

subscription content

Share

 
COinS