code.zip (178.09 kB)

Transfer Learning with Hidden Markov Models Applied on Network Security - MATLAB Code

Version 2 2020-08-04, 09:01

Version 1 2020-07-23, 14:19

software

posted on 2020-08-04, 09:01 authored by Timothy Chadza, Kostas KyriakopoulosKostas Kyriakopoulos, Sangarapillai LambotharanSangarapillai Lambotharan

This code is published under GNU GENERAL PUBLIC LICENSE Version 3. If you use this code, please, cite our 2020 IEEE Access paper “Learning to Learn Sequential Network Attacks using Hidden Markov Models".

This code reproduces the work and results as described in the IEEE Access article "Learning to Learn Sequential Network Attacks Using Hidden Markov Model" by Timothy Chadza, Konstantinos Kyriakopoulos & Sangarapillai Lambotharan.

This code considers a transfer learning (TL) approach that exploits already learned knowledge, gained from a labelled source dataset, and adapts it on a different, unlabelled target dataset. Five unsupervised hidden Markov model techniques are developed utilising a TL approach and evaluated against conventional machine learning approaches. Baum-Welch, Viterbi training, gradient descent, differential evolution and simulated annealing, are deployed for the detection of attack stages in the network traffic, as well as, forecasting both the next most probable attack stage and its method of manifestation. The experiments are conducted on DARPA 2000 processed Snort alerts. A comparative performance evaluation between conventional machine learning and TL has been made using the following metrics: prediction and detection accuracy, Bayesian inference criterion, mean square error and adjusted random index.

To run this code, simply set your path to the root Code folder and run the main.m file.