Few-Shot Learning for Discovering Anomalous Behaviors in Edge Networks

Merna Gamal, Hala M. Abbas, Nour Moustafa, Elena Sitnikova, Rowayda A. Sadek

Research output: Contribution to journalArticlepeer-review

4 Citations (Scopus)
11 Downloads (Pure)


Intrusion Detection Systems (IDSs) have a great interest these days to discover complex attack events and protect the critical infrastructures of the Internet of Things (IoT) networks. Existing IDSs based on shallow and deep network architectures demand high computational resources and high volumes of data to establish an adaptive detection engine that discovers new families of attacks from the edge of IoT networks. However, attackers exploit network gateways at the edge using new attacking scenarios (i.e., zero-day attacks), such as ransomware and Distributed Denial of Service (DDoS) attacks. This paper proposes new IDS based on Few-Shot Deep Learning, named CNN-IDS, which can automatically identify zero-day attacks from the edge of a network and protect its IoT systems. The proposed system comprises two-methodological stages: 1) a filtered Information Gain method is to select themost useful features fromnetwork data, and 2) one-dimensional Convolutional Neural Network (CNN) algorithm is to recognize new attack types from a network s edge. The proposed model is trained and validated using two datasets of theUNSW-NB15 and Bot-IoT. The experimental results showed that it enhances about a 3% detection rate and around a 3% 4% falsepositive rate with the UNSW-NB15 dataset and about an 8% detection rate using the BoT-IoT dataset.

Original languageEnglish
Pages (from-to)1823-1837
Number of pages15
JournalComputers, Materials and Continua
Issue number2
Publication statusPublished - 2021
Externally publishedYes


  • Convolution neural network
  • Edge computing
  • Information gain
  • IoT
  • Vew-shot learning


Dive into the research topics of 'Few-Shot Learning for Discovering Anomalous Behaviors in Edge Networks'. Together they form a unique fingerprint.

Cite this