Institute of Computing Technology, Chinese Academy IR
| BoAu: Malicious traffic detection with noise labels based on boundary augmentation | |
| Yuan, Qingjun1,2; Liu, Chang3,4; Yu, Wentao1,5; Zhu, Yuefei1,2; Xiong, Gang3,4; Wang, Yongjuan1,2; Gou, Gaopeng3,4 | |
| 2023-08-01 | |
| 发表期刊 | COMPUTERS & SECURITY
 |
| ISSN | 0167-4048 |
| 卷号 | 131页码:13 |
| 摘要 | The effectiveness of deep-learning-based malicious traffic detection systems relies on high-quality labeled traffic datasets. However, malicious traffic labeling approaches can easily lead to incorrect labeling, which can have a harmful impact on models. To this end, various methods for learning with noise labels have been proposed. They exclude suspected wrong samples from model updates to ensure accuracy. However, this also removes hard samples, resulting in poor model decision boundaries and the loss of ability to classify hard samples. In this paper, we propose a boundary-augmentation-based approach for malicious traffic identification named BoAu. Unlike other approaches, BoAu treats all samples, including hard sam-ples, equally during training to construct more accurate decision boundaries and thus improve accuracy. Meanwhile, a decision boundary augmentation module is designed to mitigate the impact of mislabeled hard samples on decision boundary generation. The decision boundary augmentation module adaptively adjusts the losses of hard samples based on their distance from the cluster to which their labels belong and other clusters, thus driving the shared feature representation network to fit the true label distribu-tion. We validated BoAu in identifying malicious traffic with noise labels on a dataset covering 22 classes of realistic encrypted malicious traffic. Experimental results showed that even under scenarios with up to 90% noise labels, the classification accuracy was still over 80%, which was better than the state-of-the-art approaches. In addition, we validated the applicability of BoAu on several public datasets, including CIC-IDS-2017 and IoT-23.& COPY; 2023 Published by Elsevier Ltd. |
| 关键词 | Malicious traffic detection Deep learning Learning with noise labels Decision boundaries Encrypted traffic |
| DOI | 10.1016/j.cose.2023.103300 |
| 收录类别 | SCI |
| 语种 | 英语 |
| 资助项目 | National Key Research and Development Program of China[2021YFB3101400] ; Strategic Priority Research Program of Chinese Academy of Sciences[XDC02040400] |
| WOS研究方向 | Computer Science |
| WOS类目 | Computer Science, Information Systems |
| WOS记录号 | WOS:001012905000001 |
| 出版者 | ELSEVIER ADVANCED TECHNOLOGY |
| 引用统计 | |
| 文献类型 | 期刊论文 |
| 条目标识符 | http://119.78.100.204/handle/2XEOYT63/21232 |
| 专题 | 中国科学院计算技术研究所期刊论文_英文 |
| 通讯作者 | Gou, Gaopeng |
| 作者单位 | 1.Strateg Support Force Informat Engn Univ, Zhengzhou 450001, Peoples R China 2.Henan Key Lab Network Cryptog Technol, Zhengzhou 450001, Peoples R China 3.Chinese Acad Sci, Inst Informat Engn, Beijing 100093, Peoples R China 4.Univ Chinese Acad Sci, Sch Cyber Secur, Beijing 100093, Peoples R China 5.Chinese Acad Sci, Inst Comp Technol, Beijing 100190, Peoples R China |
| 推荐引用方式 GB/T 7714 | Yuan, Qingjun,Liu, Chang,Yu, Wentao,et al. BoAu: Malicious traffic detection with noise labels based on boundary augmentation[J]. COMPUTERS & SECURITY,2023,131:13. |
| APA | Yuan, Qingjun.,Liu, Chang.,Yu, Wentao.,Zhu, Yuefei.,Xiong, Gang.,...&Gou, Gaopeng.(2023).BoAu: Malicious traffic detection with noise labels based on boundary augmentation.COMPUTERS & SECURITY,131,13. |
| MLA | Yuan, Qingjun,et al."BoAu: Malicious traffic detection with noise labels based on boundary augmentation".COMPUTERS & SECURITY 131(2023):13. |
| 条目包含的文件 | 条目无相关文件。 | |||||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论