A Dynamic Machine Learning Scheme for Reliable Network-Based Intrusion Detection

  • Conference paper
Advanced Information Networking and Applications (AINA 2023)

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 654)

Abstract

Several works have proposed highly accurate machine learning (ML) techniques for network-based intrusion detection over the past years. However, despite the promising results, proposed schemes must address the high variability of network traffic and need more reliability when facing new network traffic behavior. This paper proposes a new dynamic and reliable network-based intrusion detection model implemented in two phases. First, the behavior of to-be-classified events is assessed through an outlier detection scheme to reject potentially new network traffic, thus keeping the system reliable as time passes. Second, classification is performed through a dynamic selection of classifiers to address the high variability of network traffic. Experiments performed on a new dataset composed of over 60 GB of network traffic have shown that our proposed scheme can improve detection accuracy by up to 33% when compared with traditional approaches.
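The two-phase flow described in the abstract, sketched as an added example; it is not the authors' implementation. The abstract names neither the outlier detector nor the selection rule, so the k-nearest-neighbour distance rejection, the local-accuracy selection, the classifier pool and the flow records below are all assumptions constructed for illustration.

```python
import math

# Constructed, scaled flow features (rate, mean packet size); label 1 = attack.
REFERENCE = [
    ((0.10, 0.20), 0), ((0.20, 0.10), 0), ((0.15, 0.25), 0),
    ((0.80, 0.20), 1), ((0.90, 0.10), 1), ((0.85, 0.25), 1),
    ((0.80, 0.90), 0), ((0.90, 0.80), 0), ((0.85, 0.75), 0),
    ((0.10, 0.90), 1), ((0.20, 0.80), 1), ((0.15, 0.75), 1),
]

# Hypothetical classifier pool: each rule is only right in part of the feature space.
POOL = {
    "high_rate": lambda x: int(x[0] > 0.5),
    "low_rate": lambda x: int(x[0] < 0.5),
    "large_pkt": lambda x: int(x[1] > 0.5),
}


def nearest(x, k):
    """Return the k labelled reference samples closest to x as (distance, features, label)."""
    return sorted((math.dist(x, f), f, y) for f, y in REFERENCE)[:k]


def classify(x, k=3, reject_radius=0.3):
    """Return (classifier_name, label), or ("reject", None) for unfamiliar traffic."""
    neigh = nearest(x, k)
    # Phase 1 (assumed detector): if even the k-th neighbour is far away, reject rather than guess.
    if neigh[-1][0] > reject_radius:
        return ("reject", None)

    # Phase 2 (assumed rule): select the classifier most accurate on this neighbourhood.
    def local_accuracy(name):
        return sum(POOL[name](f) == y for _, f, y in neigh) / k

    best = max(POOL, key=local_accuracy)
    return (best, POOL[best](x))


if __name__ == "__main__":
    for event in [(0.82, 0.15), (0.85, 0.85), (0.50, 0.50)]:
        print(event, "static high_rate ->", POOL["high_rate"](event), "| two-phase ->", classify(event))
```

On the second event a single static `high_rate` rule raises a false alarm, while the locally selected classifier does not; the third event sits far from all reference traffic and is rejected instead of being labelled.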

Author information

Corresponding author

Correspondence to Eduardo K. Viegas.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Viegas, E.K., de Matos, E., de Oliveira, P.R., Santin, A.O. (2023). A Dynamic Machine Learning Scheme for Reliable Network-Based Intrusion Detection. In: Barolli, L. (eds) Advanced Information Networking and Applications. AINA 2023. Lecture Notes in Networks and Systems, vol 654. Springer, Cham. https://doi.org/10.1007/978-3-031-28451-9_39
