A Multi-View Intrusion Detection Model for Reliable and Autonomous Model Updates | IEEE Conference Publication | IEEE Xplore

A Multi-View Intrusion Detection Model for Reliable and Autonomous Model Updates

Publisher: IEEE

Abstract:

Changes in network traffic behavior over time are neglected by authors who use machine learning techniques applied to intrusion detection. In general, it is assumed that ...View more

Abstract:

Changes in network traffic behavior over time are neglected by authors who use machine learning techniques applied to intrusion detection. In general, it is assumed that periodic model updates are performed, regardless of the challenges related to such a task. This paper proposes a new multi-view intrusion detection model capable of reliably performing model updates without human assistance while also maintaining its accuracy over time. The proposal evaluates the classification’s confidence values in a multi-view configuration to maintain its reliability over time, even without model updates. Besides, it is able to perform model updates autonomously, according to the result of the multi-view classification. Our experiments, performed with 7TB of real network traffic over a 2-year interval, show that our proposed scheme can maintain its accuracy over time without model updates, rejecting only 14.2% of its classification. However, when autonomous model updates are performed, the rejection rate drops to just 8.8%, while also improving the model’s accuracy by 4.3%.
Date of Conference: 14-23 June 2021
Date Added to IEEE Xplore: 06 August 2021
ISBN Information:

ISSN Information:

Publisher: IEEE
Conference Location: Montreal, QC, Canada

References

References is not available for this document.