Search papers, labs, and topics across Lattice.
This paper explores the application of Kolmogorov-Arnold Networks (KANs) to cybersecurity threat detection in IoT networks, leveraging KANs' adaptive activation functions for improved performance. A novel KAN-LSTM model is introduced to combine spatial and temporal encoding, enhancing threat detection capabilities. Experiments on UNSW-NB15, NSL-KDD, and CICID2017 datasets, along with a newly created IoT-focused dataset, demonstrate that KAN-LSTM and KAN models outperform traditional deep learning models with fewer parameters.
KANs, by replacing static weights with learnable splines, achieve superior cybersecurity threat detection in IoT networks compared to MLPs, while using significantly fewer parameters.
By utilising their adaptive activation functions, Kolmogorov-Arnold Networks (KANs) can be applied in a novel way for the diverse machine learning tasks, including cyber threat detection. KANs substitute conventional linear weights with spline-parametrized univariate functions, which allows them to learn activation patterns dynamically, inspired by the Kolmogorov-Arnold representation theorem. In a network traffic data, we show that KANs perform better than traditional Multi-Layer Perceptrons (MLPs), yielding more accurate results with a significantly less number of learnable parameters. We also propose KAN-LSTM model to combine advantages of spatial and temporal encoding. The suggested methodology highlights the potential of KANs as an effective tool in detecting cyber threats and offers up new directions for adaptive defensive models. Lastly, we conducted experiments on three main dataset, UNSW-NB15, NSL-KDD, and CICID2017, as well as we developed a new dataset combined from IOT-BOT, NSL-KDD, and CICID2017 to present a stable, unbiased, large-scale dataset with diverse traffic patterns. The results show the superiority of KAN-LSTM and then KAN models over the traditional deep learning models. The source code is available at GitHub repository
