Abstract
In recent years, neural networks-based autoencoders have gained popularity in problems of anomaly detection. Recent approaches have proposed ensembles of autoencoders to detect network intrusions. The computationally expensive ensembles of autoencoders make it challenging to be used for intrusion detection in networks of devices with lower resources, e.g., the Internet of Things, than in the cloud or data centers. To overcome this challenge, in this work, we propose, investigate and compare four methods to reduce the ensemble complexity through adaptive de-activations of autoencoders. These methods differ in their approach to select the autoencoders to de-activate (criteria-based or random) and differ when they conduct the de-activations (post-training or in-training). Extensive experiments on two recent, realistic IoT intrusion detection datasets validate the effectiveness of the proposed methods in achieving satisfactory detection performance at much lower training, re-training and inference time costs. The proposed methods shall enable scalable and efficient intrusion detection systems or services that could be deployed on-device or on-edge.
| Original language | English |
|---|---|
| Pages (from-to) | 1209-1232 |
| Number of pages | 24 |
| Journal | Computing (Vienna/New York) |
| Volume | 103 |
| Issue number | 6 |
| DOIs | |
| State | Published - Jun 2021 |
| Externally published | Yes |
Bibliographical note
Publisher Copyright:© 2021, The Author(s), under exclusive licence to Springer-Verlag GmbH, AT part of Springer Nature.
Keywords
- Anomaly detection
- Autoencoders
- Internet of things security
- Intrusion detection
- Security services
ASJC Scopus subject areas
- Software
- Theoretical Computer Science
- Numerical Analysis
- Computer Science Applications
- Computational Theory and Mathematics
- Computational Mathematics