Enhancing network intrusion detection by lifelong active online learning
學年 112
學期 2
出版(發表)日期 2024-04-11
作品名稱 Enhancing network intrusion detection by lifelong active online learning
作品名稱(其他語言)
著者 Chuang, Po-jen; Huang, Pang‑yu
單位
出版者
著錄名稱、卷期、頁數 The Journal of Supercomputing
摘要 Machine learning has been widely used to build intrusion detection models in detecting unknown attack traffic. How to train a model properly in order to attain the desired intrusion detection is an important topic. In contrast to offline learning, online learning proves more practical as it can update models simultaneously in the detecting process to comply with real network traffic. Active learning is an effective way to realize online learning. Among existing active learning mechanisms proposed to perform intrusion detection, most fail to meet the real online environment or to run persistently. This paper presents a new active online learning mechanism to secure better intrusion detection performance. The new mechanism advances related works in bringing the lifelong learning practice to fit in the online environment. It uses the efficient random forest (RF) as the detection model to train samples and adds a new tree to train a new batch of data when updating the model at each online stage, to pursue lifelong learning. By training a new batch of data only, it can keep the previously trained weights from being updated so as to preserve the past knowledge. Our mechanism is experimentally proved to yield better overall results than existing mechanisms: It produces superior training efficiency and detection performance—with the least training time, best training data quality and much reduced training data quantity.
關鍵字 Network intrusion detection;Machine learning;Active learning;Lifelong learning;Online learning;Performance evaluation
語言 en
ISSN 1573-0484
期刊性質 國外
收錄於 SCI
產學合作
通訊作者
審稿制度
國別 USA
公開徵稿
出版型式 ,電子版
SDGS 優質教育,產業創新與基礎設施