
Deep Q-network-based heuristic intrusion detection against edge-based SIoT zero-day attacks

Lookup NU author(s): Yizhou Shen

Downloads

Full text for this publication is not currently held within this repository. Alternative links are provided below where available.


Abstract

© 2023 Elsevier B.V. How to process and classify zero-day attacks, given the huge damage they cause to social Internet of Things (SIoT) systems, has become a hot research issue. To solve this issue, we propose a heuristic learning intrusion detection system with Deep Q-Networks (DQN) for edge-based SIoT networks under the scenario of insufficient training samples, which is named DQN-HIDS. It is composed of an SIoT network traffic processing module and a DQN-based heuristic learning network. The SIoT network traffic processing module generates SIoT traffic samples, selects samples entering a classifier and a cybersecurity examiner center, and outputs similarity. We integrate DQN into a heuristic learning network to gradually improve its ability to identify malicious traffic. Specifically, reward functions are designed according to the selected actions of the network, in order to punish the behavior of incorrectly labeling malicious samples and make variable reward functions adapt to different execution actions. The LSTM-based DQN then maximizes the cumulative expected reward to find the optimal strategy for the heuristic learning network. Consequently, DQN-HIDS gradually improves the behavior frequency of its labeling, reduces resource workloads, and increases the ability to label SIoT network traffic. Experiments show the performance of DQN-HIDS in terms of the workload of the examiner center and the queue workload of delayed samples, the rewards obtained by the DQN-based heuristic learning network, and the accuracy of the classifier. Comparisons with a state-of-the-art deep learning model and typical machine learning methods are also made, demonstrating the advantages of DQN-HIDS with fewer SIoT network traffic samples.


Publication metadata

Author(s): Shen S, Cai C, Li Z, Shen Y, Wu G, Yu S

Publication type: Article

Publication status: Published

Journal: Applied Soft Computing

Year: 2024

Volume: 150

Print publication date: 01/01/2024

Online publication date: 22/11/2023

Acceptance date: 19/11/2023

ISSN (print): 1568-4946

ISSN (electronic): 1872-9681

Publisher: Elsevier Ltd

URL: https://doi.org/10.1016/j.asoc.2023.111080

DOI: 10.1016/j.asoc.2023.111080

