{"title":"A Reliable Semi-Supervised Intrusion Detection Model: One Year of Network Traffic Anomalies","authors":"E. Viegas, A. Santin, V. Cogo, Vilmar Abreu","doi":"10.1109/ICC40277.2020.9148916","DOIUrl":null,"url":null,"abstract":"Despite the promising results of machine learning for network-based intrusion detection, current techniques are not widely deployed in real-world environments. In general, proposed detection models quickly become obsolete, thus, generating unreliable classifications over time. In this paper, we propose a new reliable model for semi-supervised intrusion detection that uses a verification technique to provide reliable classifications over time, even in the absence of model updates. Additionally, we cope with this verification technique with semi-supervised learning to autonomously update the underlying machine learning models without human assistance. Our experiments consider a full year of real network traffic and demonstrate that our solution maintains the accuracy rate over time without model updates while rejecting only 10.6% of instances on average. Moreover, when autonomous (non-human-assisted) model updates are performed, the average rejection rate drops to just 3.2% without affecting the accuracy of our solution.","PeriodicalId":106560,"journal":{"name":"ICC 2020 - 2020 IEEE International Conference on Communications (ICC)","volume":"27 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"20","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ICC 2020 - 2020 IEEE International Conference on Communications (ICC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICC40277.2020.9148916","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 20
Abstract
Despite the promising results of machine learning for network-based intrusion detection, current techniques are not widely deployed in real-world environments. In general, proposed detection models quickly become obsolete, thus, generating unreliable classifications over time. In this paper, we propose a new reliable model for semi-supervised intrusion detection that uses a verification technique to provide reliable classifications over time, even in the absence of model updates. Additionally, we cope with this verification technique with semi-supervised learning to autonomously update the underlying machine learning models without human assistance. Our experiments consider a full year of real network traffic and demonstrate that our solution maintains the accuracy rate over time without model updates while rejecting only 10.6% of instances on average. Moreover, when autonomous (non-human-assisted) model updates are performed, the average rejection rate drops to just 3.2% without affecting the accuracy of our solution.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
