Abstract
Recent studies have proposed that traditional security technology – involving pattern-matching algorithms that check predefined pattern sets of intrusion signatures – should be replaced with sophisticated adaptive approaches that combine machine learning and behavioural analytics. However, machine learning is performance driven, and the high computational cost is incompatible with the limited computing power, memory capacity and energy resources of portable IoT-enabled devices. The convoluted nature of deep-structured machine learning means that such models also lack transparency and interpretability. The knowledge obtained by interpretable learners is critical in security software design. We therefore propose two novel models featuring a common Deep Extraction and Mutual Information Selection (DEMISe) element which extracts features using a deep-structured stacked autoencoder, prior to feature selection based on the amount of mutual information (MI) shared between each feature and the class label. An entropy-based tree wrapper is used to optimise the feature subsets identified by the DEMISe element, yielding the DEMISe with Tree Evaluation and Regression Detection (DETEReD) model. This affords ‘white box’ insight, and achieves a time to build of 603 seconds, a 99.07% detection rate, and 98.04% model accuracy. When tested against AWID, the best-referenced intrusion detection dataset, the new models achieved a test error comparable to or better than state-of-the-art machine-learning models, with a lower computational cost and higher levels of transparency and interpretability.
Original language | English |
---|---|
Title of host publication | ARES 2019 - 14th International Conference on Availability, Reliability and Security |
Editors | Steven Furnell, Vasilis Katos |
Place of Publication | New York NY USA |
Publisher | Association for Computing Machinery (ACM) |
Number of pages | 10 |
ISBN (Electronic) | 9781450371643 |
DOIs | |
Publication status | Published - 2019 |
Externally published | Yes |
Event | International Workshop on Location Privacy 2019 - Canterbury, United Kingdom Duration: 26 Aug 2019 → 29 Aug 2019 Conference number: 1st https://dl.acm.org/doi/proceedings/10.1145/3339252 (Proceedings) https://2019.ares-conference.eu/index.html#:~:text=The%2014th%20International%20Conference%20on,co%2Dlocated%20with%20ARES%202019! (Website) |
Conference
Conference | International Workshop on Location Privacy 2019 |
---|---|
Abbreviated title | LPW 2019 |
Country/Territory | United Kingdom |
City | Canterbury |
Period | 26/08/19 → 29/08/19 |
Internet address |
Keywords
- Deep learning
- Feature engineering
- IoT
- Lightweight intrusion detection
- Mutual information
- Security mobility applications
- Security of resource constrained devices
- White-box modelling