Semisupervised Adversarial Neural Networks for Cyber Security Transfer Learning

TL;DR

This paper introduces an adversarial Siamese neural network for transfer learning in cybersecurity, improving detection of malicious network events across different enterprise environments by learning more invariant attack representations.

Contribution

It proposes a novel adversarial Siamese neural network that enhances transferability of attack representations across diverse network domains, outperforming naive transfer and CORrelation ALignment methods.

Findings

The proposed model detects more malicious events across datasets.

Naive transfer and CORrelation ALignment fail to detect malicious events in cross-domain evaluation.

The adversarial approach shows some training instability but improves detection performance.

Abstract

On the path to establishing a global cybersecurity framework where each enterprise shares information about malicious behavior, an important question arises. How can a machine learning representation characterizing a cyber attack on one network be used to detect similar attacks on other enterprise networks if each networks has wildly different distributions of benign and malicious traffic? We address this issue by comparing the results of naively transferring a model across network domains and using CORrelation ALignment, to our novel adversarial Siamese neural network. Our proposed model learns attack representations that are more invariant to each network's particularities via an adversarial approach. It uses a simple ranking loss that prioritizes the labeling of the most egregious malicious events correctly over average accuracy. This is appropriate for driving an alert triage workflow wherein an analyst only has time to inspect the top few events ranked highest by the model. In terms of accuracy, the other approaches fail completely to detect any malicious events when models were trained on one dataset are evaluated on another for the first 100 events. While, the method presented here retrieves sizable proportions of malicious events, at the expense of some training instabilities due in adversarial modeling. We evaluate these approaches using 2 publicly available networking datasets, and suggest areas for future research.