“A Long-lasting Reinforcement Learning Intrusion Detection Model”
in Proceedings of the 34th International Conference on Advanced Information Networking and Applications (AINA), Apr. 2020.
Abstract: Several works have proposed highly accurate network-based intrusion detection schemes through machine learning techniques. However, they are unable to address changes in network traffic behavior over time. Authors often assume periodic model updates, but without taking into account the challenges they entail. This paper proposes a long-lasting reinforcement learning model for intrusion detection that withstands long periods without model updates. Our proposal builds machine learning models through reinforcement learning to keep their accuracy for longer periods. Then, we couple it with a verification technique to ensure that only reliable classifications are accepted over time. Experiments performed using a dataset spanning a year of real network traffic, composed of 10 TB of data, show that the technique we propose remains reliable for ten months without model updates. Additionally, our proposal increases its accuracy when coupled with the verification technique.
Research line(s): Fault and Intrusion Tolerance in Open Distributed Systems (FIT)