Should I (re)Learn or Should I Go(on)?: Stream Machine Learning for Adaptive Defense against Network Attacks
Result identifiers
Result code in IS VaVaI
RIV/68407700:21230/19:00338613 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F19%3A00338613)
Result on the web
https://doi.org/10.1145/3338468.3356829
DOI - Digital Object Identifier
10.1145/3338468.3356829 (http://dx.doi.org/10.1145/3338468.3356829)
Alternative languages
Result language
English
Title in original language
Should I (re)Learn or Should I Go(on)?: Stream Machine Learning for Adaptive Defense against Network Attacks
Result description in original language
Continuous, dynamic and short-term learning is an effective learning strategy when operating in dynamic and adversarial environments, where concept drift constantly occurs and attacks rapidly change over time. In an on-line, stream learning model, data arrives as a stream of sequentially ordered samples, and older data is no longer available to revise earlier suboptimal modeling decisions as the fresh data arrives. Stream approaches work in a limited amount of time, and have the advantage to perform predictions at any point in time during the stream. We focus on a particularly challenging problem, that of continually learning detection models capable to recognize cyber-attacks and system intrusions in a highly dynamic and adversarial environment such as the open Internet. We consider adaptive learning algorithms for the analysis of continuously evolving network data streams, using (dynamic) sliding windows -- representing the system memory, to periodically re-learn, automatically adapting to concept drifts in the underlying data. By continuously learning and detecting concept drifts to adapt memory length, we show that adaptive learning algorithms can realize high detection accuracy of evolving network attacks over dynamic network data streams.
Classification
Type
D - Article in proceedings
CEP field
—
OECD FORD field
10201 - Computer sciences, information science, bioinformatics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
—
Continuities
I - Institutional support for the long-term conceptual development of a research organisation
Others
Year of implementation
2019
Data confidentiality code
S - Complete and true data on the project are not subject to protection under special legal regulations
Data specific to the result type
Title of the article in the proceedings
International Conference on Software Engineering
ISBN
978-1-4503-6828-5
ISSN
—
e-ISSN
—
Number of pages
10
Pages from-to
79-88
Publisher name
ACM
Place of publication
New York
Event location
London
Event date
11. 11. 2019
Event type by nationality
WRD - Worldwide event
UT WoS code of the article
—