Since the advent of the Internet of Things (IoT), exchanging vast amounts of information has increased the number of security threats in networks. As a result, intrusion detection based on deep learning (DL) has been developed to achieve high throughput and high precision. Unlike general deep learning-based scenarios, IoT networks contain benign traffic far more than abnormal traffic, with some rare attacks. However, most existing studies have been focused on sacrificing the detection rate of the majority class in order to improve the detection rate of the minority class in class-imbalanced IoT networks. Although this way can reduce the false negative rate of minority classes, it both wastes resources and reduces the credibility of the intrusion detection systems. To address this issue, we propose a lightweight framework named S2CGAN-IDS. The proposed framework leverages the distribution characteristics of network traffic to expand the number of minority categories in both data space and feature space, resulting in a substantial increase in the detection rate of minority categories while simultaneously ensuring the detection precision of majority categories. To reduce the impact of sparsity on the experiments, the CICIDS2017 numeric dataset is utilized to demonstrate the effectiveness of the proposed method. The experimental results indicate that our proposed approach outperforms the superior method in both Precision and Recall, particularly with a 10.2% improvement in the F1-score.

翻译：自物联网（IoT）问世以来，海量信息的交换增加了网络中的安全威胁数量。因此，基于深度学习（DL）的入侵检测方法被开发出来，以实现高吞吐量和高精度。与通用的深度学习场景不同，物联网网络中的良性流量远多于异常流量，且包含一些罕见的攻击类型。然而，现有研究大多侧重于通过牺牲多数类别的检测率来提升类不平衡物联网网络中少数类别的检测率。尽管这种方法能够降低少数类别的漏报率，但既浪费资源又降低了入侵检测系统的可信度。为解决这一问题，我们提出了一种名为S2CGAN-IDS的轻量级框架。该框架利用网络流量的分布特征，在数据空间和特征空间中同时扩展少数类别的数量，从而在显著提升少数类别检测率的同时，确保多数类别的检测精度。为降低稀疏性对实验的影响，我们采用CICIDS2017数值型数据集验证所提方法的有效性。实验结果表明，我们提出的方法在精确率和召回率上均优于现有最优方法，其中F1分数提升了10.2%。