Network intrusion detection is one of the critical techniques to enhance cybersecurity. Several few-shot learning-based methods have recently been proposed to alleviate the dependence on large training samples in many supervised learning methods. However, it is still a challenge to achieve real-time higher-accuracy intrusion detection which is an essential requirement for high-speed network security. In this study, we propose a novel few-shot learning-based network intrusion detection method to address this challenge. Specifically, we improve the detection accuracy and real-time processing speed simultaneously in the metric procedure via two mechanisms: (i) we utilize a hard sample selection scheme as a refining stage of our triplet network model training to increase the detection accuracy; and (ii) we design a lightweight embedding network and parallelize the metric feature extraction process to achieve real-time analysis speed. To evaluate the proposed method, we construct few-shot learning-based datasets by using two real and heterogeneous network traffic intrusion detection data sources. Extensive results demonstrate that our method outperforms the state-of-the-art methods in terms of real-time performance and high detection accuracy of malicious samples.
Bibliographical noteFunding Information:
This work was supported by the Youth Fund Project of the National Nature Fund of China under grant no. 62002038.
© 2022 Ji-Yu Tian et al.