Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Heterogenous Domain Adaptation for Multi stream Classification on Cyber Threat Data

Published

Author(s)

Yi Fan Li, Yang Gao, G Ayoade, L Khan, Anoop Singhal, B Thuraisingham

Abstract

Under a newly introduced setting of multi stream classification, two data streams are involved, which are referred to as source and target streams. The source stream continuously generates data instances from a certain domain with labels, while the target stream does the same task without labels from another domain. Existing approaches assume that domains for both data streams are identical, which is not quite true, since data streams from different sources may contain distinct features. Indeed, they may even have different numbers of features. Furthermore, obtaining labels for every instance in a data stream is often expensive and time-consuming. Therefore, it has become an important topic to explore if classes of labeled instances from other related streams are helpful to predict the classes of unlabeled instances in a different stream. Note that domains of source and target streams may have distinct feature spaces and data distributions. Our objective is to predict class labels of data instances in the target stream by using the classifiers trained by the source stream. We propose a framework of multistream classification by using projected data from a common latent feature space, which is embedded from both source and target domains. This framework is also crucial for enterprise system defenders to detect cross-platform attacks, such as Advanced Persistent Threats (APTs). Empirical valuation and analysis on both real-world and synthetic datasets are performed to validate the effectiveness of our proposed algorithm, comparing to state-of-the-art techniques. Experimental results show that our approach significantly outperforms other existing approaches
Citation
IEEE Transactions on Dependable and Secure Computing
Volume
21
Issue
1

Keywords

Attack detection, Multistream classification, Domain adaptation

Citation

Li, Y. , Gao, Y. , Ayoade, G. , Khan, L. , Singhal, A. and Thuraisingham, B. (2022), Heterogenous Domain Adaptation for Multi stream Classification on Cyber Threat Data, IEEE Transactions on Dependable and Secure Computing, [online], https://doi.org/10.1109/TDSC.2022.3181682, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=934608 (Accessed December 3, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created June 13, 2022, Updated July 18, 2024