Li, Y.
, Gao, Y.
, Ayoade, G.
, Khan, L.
, Singhal, A.
and Thuraisingham, B.
(2022),
Heterogenous Domain Adaptation for Multi stream Classification on Cyber Threat Data, IEEE Transactions on Dependable and Secure Computing, [online], https://doi.org/10.1109/TDSC.2022.3181682, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=934608
(Accessed July 26, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Heterogenous Domain Adaptation for Multi stream Classification on Cyber Threat Data
Published
Author(s)
Yi Fan Li, Yang Gao, G Ayoade, L Khan, , B Thuraisingham
Abstract
Under a newly introduced setting of multi stream classification, two data streams are involved, which are referred to as source and target streams. The source stream continuously generates data instances from a certain domain with labels, while the target stream does the same task without labels from another domain. Existing approaches assume that domains for both data streams are identical, which is not quite true, since data streams from different sources may contain distinct features. Indeed, they may even have different numbers of features. Furthermore, obtaining labels for every instance in a data stream is often expensive and time-consuming. Therefore, it has become an important topic to explore if classes of labeled instances from other related streams are helpful to predict the classes of unlabeled instances in a different stream. Note that domains of source and target streams may have distinct feature spaces and data distributions. Our objective is to predict class labels of data instances in the target stream by using the classifiers trained by the source stream. We propose a framework of multistream classification by using projected data from a common latent feature space, which is embedded from both source and target domains. This framework is also crucial for enterprise system defenders to detect cross-platform attacks, such as Advanced Persistent Threats (APTs). Empirical valuation and analysis on both real-world and synthetic datasets are performed to validate the effectiveness of our proposed algorithm, comparing to state-of-the-art techniques. Experimental results show that our approach significantly outperforms other existing approachesCitation
IEEE Transactions on Dependable and Secure Computing
Volume
21
Issue
1
Pub Type
Journals
Download Paper
Keywords
Attack detection, Multistream classification, Domain adaptation
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.
Created June 13, 2022, Updated July 18, 2024