“A Reliable Semi-Supervised Intrusion Detection Model: One Year of Network Traffic Anomalies”

From Navigators

Revision as of 18:49, 28 February 2020 by Vielmo (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Eduardo Viegas, Altair Santin, Vinicius Vielmo Cogo, Vilmar Abreu

in Proceedings of the 2020 IEEE International Conference on Communications (ICC), Jun. 2020.

Abstract: Despite the promising results of machine learning for network-based intrusion detection, current techniques are not widely deployed in real-world environments. In general, proposed detection models quickly become obsolete, thus, generating unreliable classifications over time. In this paper, we propose a new reliable model for semi-supervised intrusion detection that uses a verification technique to provide reliable classifications over time, even in the absence of model updates. Additionally, we cope with this verification technique with semi-supervised learning to autonomously update the underlying machine learning models without human assistance. Our experiments consider a full year of real network traffic and demonstrate that our solution maintains the accuracy rate over time without model updates while rejecting only 10.6% of instances on average. Moreover, when autonomous (non-human-assisted) model updates are performed, the average rejection rate drops to just 3.2% without affecting the accuracy of our solution.

Download paper

Download A Reliable Semi-Supervised Intrusion Detection Model: One Year of Network Traffic Anomalies

Export citation



Research line(s): Fault and Intrusion Tolerance in Open Distributed Systems (FIT)

Personal tools
Navigators toolbox