Outlier Dirichlet Mixture Mechanism: Adversarial Statistical Learning for Anomaly Detection in the Fog

Nour Moustafa, Kim Kwang Raymond Choo*, Ibrahim Radwan, Seyit Camtepe

*Corresponding author for this work

    Research output: Contribution to journalArticlepeer-review

    94 Citations (Scopus)

    Abstract

    Current anomaly detection systems (ADSs) apply statistical and machine learning algorithms to discover zero-day attacks, but such algorithms are vulnerable to advanced persistent threat actors. In this paper, we propose an adversarial statistical learning mechanism for anomaly detection, outlier Dirichlet mixture-based ADS (ODM-ADS), which has three new capabilities. First, it can self-adapt against data poisoning attacks that inject malicious instances in the training phase for disrupting the learning process. Second, it establishes a statistical legitimate profile and considers variations from the baseline of the profile as anomalies using a proposed outlier function. Third, to deal with dynamic and large-scale networks such as Internet of Things and cloud and fog computing, we suggest a framework for deploying the mechanism as Software as a Service in the fog nodes. The fog enables the proposed mechanism to concurrently process streaming data at the edge of the network. The ODM-ADS mechanism is evaluated using both NSL-KDD and UNSW-NB15 datasets, whose findings indicate that ODM-ADS outperforms seven other peer algorithms in terms of accuracy, detection rates, false positive rates, and computational time.

    Original languageEnglish
    Article number8600389
    Pages (from-to)1975-1987
    Number of pages13
    JournalIEEE Transactions on Information Forensics and Security
    Volume14
    Issue number8
    DOIs
    Publication statusPublished - Aug 2019

    Fingerprint

    Dive into the research topics of 'Outlier Dirichlet Mixture Mechanism: Adversarial Statistical Learning for Anomaly Detection in the Fog'. Together they form a unique fingerprint.

    Cite this