Abstract
Increasing Internet usage in recent years has correspondingly increased the prevalence of cyber threats, emphasizing the necessity for robust intrusion detection systems (IDS). The efficacy of these systems is crucially dependent on their ability to adapt promptly to the continuously evolving types of cyber-attacks. Nonetheless, achieving the desired performance levels is often hindered by the scarcity of labeled data for newly emerging threats and the complexities associated with implementing incremental learning within machine learning frameworks. In this research, we introduce an IDS that employs active learning techniques for class incremental learning, aimed at adapting to the dynamic cyber security landscape while requiring fewer labeled data instances. The results from our experiments demonstrate that the proposed method significantly reduces the need for labeled training data while effectively incorporating new attack classes incrementally.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Amalapuram, S., Tadwai, A., Vinta, R., Channappayya, S., Tamma, B.: Continual learning for anomaly based network intrusion detection. In: 2022 14th International Conference on COMmunication Systems and NETworkS, COMSNETS 2022, pp. 497–505 (2022). https://doi.org/10.1109/COMSNETS53615.2022.9668482
Boukela, L., Zhang, G., Yacoub, M., Bouzefrane, S.: A near-autonomous and incremental intrusion detection system through active learning of known and unknown attacks. In: Conference Digest - 2021 International Conference on Security, Pattern Analysis, and Cybernetics, SPAC 2021, pp. 374–379 (2021). https://doi.org/10.1109/SPAC53836.2021.9539947
Gamage, S., Samarabandu, J.: Deep learning methods in network intrusion detection: a survey and an objective comparison. J. Network Comput. Appl. 169, 102767 (2020). https://doi.org/10.1016/j.jnca.2020.102767
Li, J., Wu, W., Xue, D.: An intrusion detection method based on active transfer learning. Intell. Data Anal. 24, 263–283 (2020). https://doi.org/10.3233/IDA-194487
Lin, J., Wei, Y., Li, W., Long, J.: Intrusion detection system based on deep neural network and incremental learning for in-vehicle CAN networks. In: Wang, G., Choo, KK.R., Ko, R.K.L., Xu, Y., Crispo, B. (eds.) Ubiquitous Security. UbiSec 2021. Communications in Computer and Information Science, vol. 1557 CCIS. Springer, Singapore (2022). https://doi.org/10.1007/978-981-19-0468-4_19
Martina, M., Foresti, G.: A continuous learning approach for real-time network intrusion detection. Int. J. Neural Syst. 31, 2150060 (2021). https://doi.org/10.1142/S012906572150060X
McElwee, S.: Active learning intrusion detection using k-means clustering selection. In: Conference Proceedings - IEEE SOUTHEASTCON, pp. 1–7 (2017). https://doi.org/10.1109/SECON.2017.7925383
McElwee, S., Cannady, J.: Cyber situation awareness with active learning for intrusion detection. In: Conference Proceedings - IEEE SOUTHEASTCON, vol. 2019-April, pp. 1–7 (2019). https://doi.org/10.1109/SoutheastCon42311.2019.9020599
Sharafaldin, I., Lashkari, A., Ghorbani, A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: ICISSP 2018 - Proceedings of the 4th International Conference on Information Systems Security and Privacy, vol. 2018-January, pp. 108–116 (2018). https://doi.org/10.5220/0006639801080116
Tüzün, M.N.B.: Network intrusion detection system with incremental active learning. Master’s thesis, Middle East Technical University (2022)
Yang, K., Ren, J., Zhu, Y., Zhang, W.: Active learning for wireless IoT intrusion detection. IEEE Wirel. Commun. 25, 19–25 (2018). https://doi.org/10.1109/MWC.2017.1800079
Acnowledgements
This research has been supported by the TÜBİTAK 3501 Career Development Program under grant number 120E537 and the TÜBA GEBİP Program.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Tüzün, M.N.B., Angin, P. (2024). Network Intrusion Detection with Incremental Active Learning. In: Barolli, L. (eds) Advanced Information Networking and Applications. AINA 2024. Lecture Notes on Data Engineering and Communications Technologies, vol 204. Springer, Cham. https://doi.org/10.1007/978-3-031-57942-4_33
Download citation
DOI: https://doi.org/10.1007/978-3-031-57942-4_33
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-57941-7
Online ISBN: 978-3-031-57942-4
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)