“A Reliable Semi-Supervised Intrusion Detection Model: One Year of Network Traffic Anomalies”
Revision as of 18:49, 28 February 2020 by Vielmo
in Proceedings of the 2020 IEEE International Conference on Communications (ICC), Jun. 2020.
Abstract: Despite the promising results of machine learning for network-based intrusion detection, current techniques are not widely deployed in real-world environments. In general, proposed detection models quickly become obsolete, thus, generating unreliable classifications over time. In this paper, we propose a new reliable model for semi-supervised intrusion detection that uses a verification technique to provide reliable classifications over time, even in the absence of model updates. Additionally, we cope with this verification technique with semi-supervised learning to autonomously update the underlying machine learning models without human assistance. Our experiments consider a full year of real network traffic and demonstrate that our solution maintains the accuracy rate over time without model updates while rejecting only 10.6% of instances on average. Moreover, when autonomous (non-human-assisted) model updates are performed, the average rejection rate drops to just 3.2% without affecting the accuracy of our solution.
Research line(s): Fault and Intrusion Tolerance in Open Distributed Systems (FIT)