TY - GEN
T1 - FewFine
T2 - 2022 IEEE SmartWorld, 19th IEEE International Conference on Ubiquitous Intelligence and Computing, 2022 IEEE International Conference on Autonomous and Trusted Vehicles Conference, 22nd IEEE International Conference on Scalable Computing and Communications, 2022 IEEE International Conference on Digital Twin, 8th IEEE International Conference on Privacy Computing and 2022 IEEE International Conference on Metaverse, SmartWorld/UIC/ATC/ScalCom/DigitalTwin/PriComp/Metaverse 2022
AU - Liu, Xingtong
AU - Shen, Meng
AU - Cui, Laizhong
AU - Ye, Ke
AU - Jia, Jizhe
AU - Yue, Guangchun
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - Malware traffic is constantly evolving and remains destructive. The detection and classification of malware traffic is crucial for maintaining cyberspace security. Only by swiftly and accurately detecting and classifying malware traffic can user privacy and cyberspace security be effectively protected.In this paper, we propose FewFine, an approach for few-shot malware traffic classification based on transfer learning. We initially pre-train a detection model and two classification models with substantial quantity of malware and application traffic samples. For classifying new types of malware traffic accurately and promptly, we utilize transfer learning based on fine-tuning strategy and freeze several blocks in the pre-trained model. Utilizing prior knowledge from the pre-trained models, we leverage few samples of novel classes to perform accurate malware detection and classification. We execute extensive experiments on publicly available datasets to evaluate the effectiveness of FewFine. In model pre-training, with considerable number of samples, the accuracy of malware detection and classification can reach 0.99. The pre-trained models are saved for fine-tuning. When detecting and classifying novel malware traffic, FewFine can achieve the accuracy of 0.95 leveraging only 10 samples per class through fine-tuning the pre-trained model. It outperforms methods under comparison in terms of accuracy and efficiency.
AB - Malware traffic is constantly evolving and remains destructive. The detection and classification of malware traffic is crucial for maintaining cyberspace security. Only by swiftly and accurately detecting and classifying malware traffic can user privacy and cyberspace security be effectively protected.In this paper, we propose FewFine, an approach for few-shot malware traffic classification based on transfer learning. We initially pre-train a detection model and two classification models with substantial quantity of malware and application traffic samples. For classifying new types of malware traffic accurately and promptly, we utilize transfer learning based on fine-tuning strategy and freeze several blocks in the pre-trained model. Utilizing prior knowledge from the pre-trained models, we leverage few samples of novel classes to perform accurate malware detection and classification. We execute extensive experiments on publicly available datasets to evaluate the effectiveness of FewFine. In model pre-training, with considerable number of samples, the accuracy of malware detection and classification can reach 0.99. The pre-trained models are saved for fine-tuning. When detecting and classifying novel malware traffic, FewFine can achieve the accuracy of 0.95 leveraging only 10 samples per class through fine-tuning the pre-trained model. It outperforms methods under comparison in terms of accuracy and efficiency.
KW - application traffic classification
KW - few-shot
KW - fine-tune
KW - malware traffic classification
KW - transfer learning
UR - http://www.scopus.com/inward/record.url?scp=85168150070&partnerID=8YFLogxK
U2 - 10.1109/SmartWorld-UIC-ATC-ScalCom-DigitalTwin-PriComp-Metaverse56740.2022.00080
DO - 10.1109/SmartWorld-UIC-ATC-ScalCom-DigitalTwin-PriComp-Metaverse56740.2022.00080
M3 - Conference contribution
AN - SCOPUS:85168150070
T3 - Proceedings - 2022 IEEE SmartWorld, Ubiquitous Intelligence and Computing, Autonomous and Trusted Vehicles, Scalable Computing and Communications, Digital Twin, Privacy Computing, Metaverse, SmartWorld/UIC/ATC/ScalCom/DigitalTwin/PriComp/Metaverse 2022
SP - 425
EP - 432
BT - Proceedings - 2022 IEEE SmartWorld, Ubiquitous Intelligence and Computing, Autonomous and Trusted Vehicles, Scalable Computing and Communications, Digital Twin, Privacy Computing, Metaverse, SmartWorld/UIC/ATC/ScalCom/DigitalTwin/PriComp/Metaverse 2022
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 15 December 2022 through 18 December 2022
ER -