Efficient Inductive Transfer Learning based Framework for Zero-Day Attack Detection

An Intrusion Detection System (IDS) is a type of security domain that tracks and evaluates network connections or system operations to detect potential security breaches, unauthorized usage, and malicious activity within computer networks. Machine learning (ML) and deep learning (DL) algorithms provide better IDS based on the labelled dataset. However, due to a lack of labelled data, its effectiveness in detecting zero-day attacks is limited. Anomaly detection methods frequently produce high False Positive Rates (FPR). Transfer learning (TL) is a powerful technique in various domains, including intrusion detection systems (IDS). It also creates advanced classifiers using knowledge extracted from the related source domain(s) with little or no labelled data. This paper introduced zero-day attack detection (ZDAD) model by combining it with transfer learning that helps classify the attacks and non-attacks from the given dataset. Using the UNSW-NB15 dataset, the authors created a Transfer Learning-based prototype in this study. The goal was to unify the feature space for distinguishing unlabeled Generic samples representing zero-day attacks from regular instances using labelled DoS samples. The ZDAD performed admirably, achieving 99.24% accuracy and a low False Positive Rate (FPR) of 0.02%. This performance outperforms current state-of-the-art methods.