Loading…

Enhancing network attack detection across infrastructures: An automatic labeling method and deep learning model with an attention mechanism

In the era of industry 4.0 and the widespread use of digital devices, the number of cyber attacks poses an escalating and diverse threat, jeopardizing users' online activities. Intrusion detection systems (IDS) emerge as pivotal solutions, playing a crucial role in detecting anomalous signals w...

Full description

Saved in:
Bibliographic Details
Published in:IET communications 2024-10, Vol.18 (17), p.1107-1125
Main Authors: Vu, Dinh‐Minh, La, Thi Ha, Nguyen, Gia Bach, Huh, Eui‐Nam, Tran, Hoang Hai
Format: Article
Language:English
Subjects:
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In the era of industry 4.0 and the widespread use of digital devices, the number of cyber attacks poses an escalating and diverse threat, jeopardizing users' online activities. Intrusion detection systems (IDS) emerge as pivotal solutions, playing a crucial role in detecting anomalous signals within network systems. To counter novel attack patterns, IDS systems require periodic rule updates for effective identification of unusual signals. Typically, these policies are updated based on rule‐based or deep learning algorithms to enhance detection performance. However, the insufficient number of labeled samples remains a challenge for real‐world deployment. In this article, an automated labeling method is presented that has shown high effectiveness, requiring minimal hardware resources, and applicable to IDS systems. Additionally, the approach utilizes transfer learning combined with attention mechanisms to boost the efficiency of abnormal signal detection. The results from the approach are compared with those of a reference model, illustrating an overall improvement of nearly 10% in our model's performance compared to the reference model. This underscores the effectiveness of automating rule adjustments for IDS, contributing significantly to reducing associated financial costs. The research addresses the challenges in deploying IDS in real‐world scenarios and provides a valuable contribution to enhancing cyber threat detection capabilities. A preprint has previously been published [11]. The article introduces an automated labeling method for enhancing Intrusion Detection Systems (IDS) in the context of Industry 4.0. Leveraging transfer learning and attention mechanisms, the proposed approach demonstrates nearly a 10% improvement in detection performance compared to reference models, addressing challenges related to limited labeled samples and contributing to more efficient cyber threat detection capabilities. This research offers valuable insights for real‐world deployment of IDS systems, emphasizing the importance of automating rule adjustments to mitigate cyber threats effectively.
ISSN:1751-8628
1751-8636
DOI:10.1049/cmu2.12819