The digitization of different components of industry and inter-connectivity
among indigenous networks have increased the risk of network attacks. Designing
an intrusion detection system to ensure security of the industrial ecosystem is
difficult as network traffic encompasses various attack types, including new
and evolving ones with minor changes. The data used to construct a predictive
model for computer networks has a skewed class distribution and limited
representation of attack types, which differ from real network traffic. These
limitations result in dataset shift, negatively impacting the machine learning
models' predictive abilities and reducing the detection rate against novel
attacks. To address the challenges, we propose a novel deep neural network
based Meta-Learning framework; INformation FUsion and Stacking Ensemble
(INFUSE) for network intrusion detection. First, a hybrid feature space is
created by integrating decision and feature spaces. Five different classifiers
are utilized to generate a pool of decision spaces. The feature space is then
enriched through a deep sparse autoencoder that learns the semantic
relationships between attacks. Finally, the deep Meta-Learner acts as an
ensemble combiner to analyze the hybrid feature space and make a final
decision. Our evaluation on stringent benchmark datasets and comparison to
existing techniques showed the effectiveness of INFUSE with an F-Score of 0.91,
Accuracy of 91.6%, and Recall of 0.94 on the Test+ dataset, and an F-Score of
0.91, Accuracy of 85.6%, and Recall of 0.87 on the stringent Test-21 dataset.
These promising results indicate the strong generalization capability and the
potential to detect network attacks.Comment: Pages: 15, Figures: 10 and Tables: