Parker, L. and Yoo, Paul D. and Asyhari, T. and Chermak, L. and Jhi, Y. and Taha, K. (2019) DEMISe: interpretable deep extraction and mutual information selection techniques for IoT intrusion detection. In: UNSPECIFIED (ed.) ARES '19 Proceedings of the 14th International Conference on Availability, Reliability and Security. ACM. ISBN 9781450371643.
|
Text
DEMISe combined v16 - Camera Ready v2.pdf - Author's Accepted Manuscript Download (908kB) | Preview |
Abstract
Recent studies have proposed that traditional security technology – involving pattern-matching algorithms that check predefined pattern sets of intrusion signatures – should be replaced with sophisticated adaptive approaches that combine machine learning and behavioural analytics. However, machine learning is performance driven, and the high computational cost is incompatible with the limited computing power, memory capacity and energy resources of portable IoT-enabled devices. The convoluted nature of deep-structured machine learning means that such models also lack transparency and interpretability. The knowledge obtained by interpretable learners is critical in security software design. We therefore propose two novel models featuring a common Deep Extraction and Mutual Information Selection (DEMISe) element which extracts features using a deep-structured stacked autoencoder, prior to feature selection based on the amount of mutual information (MI) shared between each feature and the class label. An entropy-based tree wrapper is used to optimise the feature subsets identified by the DEMISe element, yielding the DEMISe with Tree Evaluation and Regression Detection (DETEReD) model. This affords ‘white box’ insight, and achieves a time to build of 603 seconds, a 99.07% detection rate, and 98.04% model accuracy. When tested against AWID, the best-referenced intrusion detection dataset, the new models achieved a test error comparable to or better than state-of-the-art machine-learning models, with a lower computational cost and higher levels of transparency and interpretability.
Metadata
Item Type: | Book Section |
---|---|
Additional Information: | Canterbury, CA, United Kingdom — August 26 - 29, 2019 |
School: | Birkbeck Faculties and Schools > Faculty of Science > School of Computing and Mathematical Sciences |
Depositing User: | Paul Yoo |
Date Deposited: | 17 Sep 2019 10:43 |
Last Modified: | 09 Aug 2023 12:46 |
URI: | https://eprints.bbk.ac.uk/id/eprint/28912 |
Statistics
Additional statistics are available via IRStats2.