Tongxin xuebao (Mar 2023)

Method based on contrastive incremental learning for fine-grained malicious traffic classification

  • Yifeng WANG,
  • Yuanbo GUO,
  • Qingli CHEN,
  • Chen FANG,
  • Renhao LIN,
  • Yongliang ZHOU,
  • Jiali MA

Journal volume & issue
Vol. 44
pp. 1 – 11

Abstract

Read online

In order to protect against continuously emerging unknown threats, a new method based on contrastive incremental learning for fine-grained malicious traffic classification was proposed.The proposed method was based on variational auto-encoder (VAE) and extreme value theory (EVT), and the high accuracy could be achieved in known, few-shot and unknown malicious classes and new classes were also identified without using a large number of old task samples, which met the demand of storage and time cost in incremental learning scenarios.Specifically, the contrastive learning was integrated into the encoder of VAE, and the A-Softmax was used for known and few-shot malicious traffic classification, EVT and the decoder of VAE were used for unknown malicious traffic recognition, all classes could be recognized without a lot of old samples when learning new tasks by using VAE reconstruction and knowledge distillation methods.Experimental results indicate that the proposed method is efficient in known, few-shot and unknown malicious classes, and has greatly reduced the forgetting speed of old knowledge in incremental learning scenarios.

Keywords