Adaptive and Reinforcement Learning Approaches for Online Network Monitoring and Analysis

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F21%3A00346218" target="_blank" >RIV/68407700:21230/21:00346218 - isvavai.cz</a>

Výsledek na webu

<a href="https://doi.org/10.1109/TNSM.2020.3037486" target="_blank" >https://doi.org/10.1109/TNSM.2020.3037486</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/TNSM.2020.3037486" target="_blank" >10.1109/TNSM.2020.3037486</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Adaptive and Reinforcement Learning Approaches for Online Network Monitoring and Analysis

Popis výsledku v původním jazyce

Network-monitoring data commonly arrives in the form of fast and changing data streams. Continuous and dynamic learning is an effective learning strategy when dealing with such data, where concept drifts constantly occur. We propose different stream-based, adaptive learning approaches to analyze network-traffic streams on the fly. We address two major challenges associated to stream-based machine learning and online network monitoring: (i) how to dynamically learn from and adapt to non-stationary data changing over time, and (ii) how to deal with the limited availability of labeled data to continuous lytune a supervised-learning model. We introduce ADAM & RAL,two stream-based machine-learning techniques to tackle these challenges. ADAM relies on adaptive memory strategies to dynamically tune stream-based learning models to changes in the input data distribution. RAL combines reinforcement learning with stream-based active-learning to reduce the amount of labeled data needed for continual learning, dynamically deciding on the most informative samples to learn from. We apply ADAM & RAL to the real-time detection of network attacks in Internet network traffic, and show that it is possible to continuously achieve high detection accuracy even under the occurrence of concept drifts,limiting the amount of labeled data needed for learning.

Název v anglickém jazyce

Adaptive and Reinforcement Learning Approaches for Online Network Monitoring and Analysis

Popis výsledku anglicky

Network-monitoring data commonly arrives in the form of fast and changing data streams. Continuous and dynamic learning is an effective learning strategy when dealing with such data, where concept drifts constantly occur. We propose different stream-based, adaptive learning approaches to analyze network-traffic streams on the fly. We address two major challenges associated to stream-based machine learning and online network monitoring: (i) how to dynamically learn from and adapt to non-stationary data changing over time, and (ii) how to deal with the limited availability of labeled data to continuous lytune a supervised-learning model. We introduce ADAM & RAL,two stream-based machine-learning techniques to tackle these challenges. ADAM relies on adaptive memory strategies to dynamically tune stream-based learning models to changes in the input data distribution. RAL combines reinforcement learning with stream-based active-learning to reduce the amount of labeled data needed for continual learning, dynamically deciding on the most informative samples to learn from. We apply ADAM & RAL to the real-time detection of network attacks in Internet network traffic, and show that it is possible to continuously achieve high detection accuracy even under the occurrence of concept drifts,limiting the amount of labeled data needed for learning.

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

I - Institucionalni podpora na dlouhodoby koncepcni rozvoj vyzkumne organizace

Rok uplatnění

2021

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

IEEE Transactions on Network and Service Management

ISSN

1932-4537

e-ISSN

1932-4537

Svazek periodika

18

Číslo periodika v rámci svazku

2

Stát vydavatele periodika

US - Spojené státy americké

Počet stran výsledku

18

Strana od-do

1832-1849

Kód UT WoS článku

000660636700051

EID výsledku v databázi Scopus

2-s2.0-85096365931