Should I (re)Learn or Should I Go(on)?: Stream Machine Learning for Adaptive Defense against Network Attacks

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F19%3A00338613" target="_blank" >RIV/68407700:21230/19:00338613 - isvavai.cz</a>

Výsledek na webu

<a href="https://doi.org/10.1145/3338468.3356829" target="_blank" >https://doi.org/10.1145/3338468.3356829</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1145/3338468.3356829" target="_blank" >10.1145/3338468.3356829</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Should I (re)Learn or Should I Go(on)?: Stream Machine Learning for Adaptive Defense against Network Attacks

Popis výsledku v původním jazyce

Continuous, dynamic and short-term learning is an effective learning strategy when operating in dynamic and adversarial environments, where concept drift constantly occurs and attacks rapidly change over time. In an on-line, stream learning model, data arrives as a stream of sequentially ordered samples, and older data is no longer available to revise earlier suboptimal modeling decisions as the fresh data arrives. Stream approaches work in a limited amount of time, and have the advantage to perform predictions at any point in time during the stream. We focus on a particularly challenging problem, that of continually learning detection models capable to recognize cyber-attacks and system intrusions in a highly dynamic and adversarial environment such as the open Internet. We consider adaptive learning algorithms for the analysis of continuously evolving network data streams, using (dynamic) sliding windows -- representing the system memory, to periodically re-learn, automatically adapting to concept drifts in the underlying data. By continuously learning and detecting concept drifts to adapt memory length, we show that adaptive learning algorithms can realize high detection accuracy of evolving network attacks over dynamic network data streams.

Název v anglickém jazyce

Should I (re)Learn or Should I Go(on)?: Stream Machine Learning for Adaptive Defense against Network Attacks

Popis výsledku anglicky

Continuous, dynamic and short-term learning is an effective learning strategy when operating in dynamic and adversarial environments, where concept drift constantly occurs and attacks rapidly change over time. In an on-line, stream learning model, data arrives as a stream of sequentially ordered samples, and older data is no longer available to revise earlier suboptimal modeling decisions as the fresh data arrives. Stream approaches work in a limited amount of time, and have the advantage to perform predictions at any point in time during the stream. We focus on a particularly challenging problem, that of continually learning detection models capable to recognize cyber-attacks and system intrusions in a highly dynamic and adversarial environment such as the open Internet. We consider adaptive learning algorithms for the analysis of continuously evolving network data streams, using (dynamic) sliding windows -- representing the system memory, to periodically re-learn, automatically adapting to concept drifts in the underlying data. By continuously learning and detecting concept drifts to adapt memory length, we show that adaptive learning algorithms can realize high detection accuracy of evolving network attacks over dynamic network data streams.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

I - Institucionalni podpora na dlouhodoby koncepcni rozvoj vyzkumne organizace

Rok uplatnění

2019

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

International Conference on Software Engineering

ISBN

978-1-4503-6828-5

ISSN

—

e-ISSN

—

Počet stran výsledku

10

Strana od-do

79-88

Název nakladatele

ACM

Místo vydání

New York

Místo konání akce

London

Datum konání akce

11. 11. 2019

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—