ILIDViz: An Incremental Learning-Based Visual Analysis System for Network Anomaly Detection
Background: With the development of information technology, network traffic logs mixed with various kinds of cyber-attacks have grown explosively. Traditional intrusion detection systems (IDS) have limited ability to discover new inconstant patterns and identify malicious traffic traces in real-time...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
KeAi Communications Co., Ltd.
2023-12-01
|
| Series: | Virtual Reality & Intelligent Hardware |
| Subjects: | |
| Online Access: | http://www.sciencedirect.com/science/article/pii/S2096579623000372 |
| _version_ | 1797377839872344064 |
|---|---|
| author | Xuefei Tian Zhiyuan Wu JunXiang Cao Shengtao Chen Xiaoju Dong |
| author_facet | Xuefei Tian Zhiyuan Wu JunXiang Cao Shengtao Chen Xiaoju Dong |
| author_sort | Xuefei Tian |
| collection | DOAJ |
| description | Background: With the development of information technology, network traffic logs mixed with various kinds of cyber-attacks have grown explosively. Traditional intrusion detection systems (IDS) have limited ability to discover new inconstant patterns and identify malicious traffic traces in real-time. It is urgent to implement more effective intrusion detection technologies to protect computer security. Methods: In this paper, we design a hybrid IDS, combining our incremental learning model (KAN-SOINN) and active learning, to learn new log patterns and detect various network anomalies in real-time. Results & Conclusions: The experimental results on the NSLKDD dataset show that the KAN-SOINN can be improved continuously and detect malicious logs more effectively. Meanwhile, the comparative experiments prove that using a hybrid query strategy in active learning can improve the model learning efficiency. |
| first_indexed | 2024-03-08T19:59:08Z |
| format | Article |
| id | doaj.art-696e53b664f94893a56b0e9681ce87fe |
| institution | Directory Open Access Journal |
| issn | 2096-5796 |
| language | English |
| last_indexed | 2024-03-08T19:59:08Z |
| publishDate | 2023-12-01 |
| publisher | KeAi Communications Co., Ltd. |
| record_format | Article |
| series | Virtual Reality & Intelligent Hardware |
| spelling | doaj.art-696e53b664f94893a56b0e9681ce87fe2023-12-24T04:45:22ZengKeAi Communications Co., Ltd.Virtual Reality & Intelligent Hardware2096-57962023-12-0156471489ILIDViz: An Incremental Learning-Based Visual Analysis System for Network Anomaly DetectionXuefei Tian0Zhiyuan Wu1JunXiang Cao2Shengtao Chen3Xiaoju Dong4Department of Computer Science, Shanghai Jiao Tong University, Shanghai 201100, ChinaDepartment of Computer Science, Shanghai Jiao Tong University, Shanghai 201100, ChinaDepartment of Computer Science, Shanghai Jiao Tong University, Shanghai 201100, ChinaDepartment of Computer Science, Shanghai Jiao Tong University, Shanghai 201100, ChinaCorresponding author,; Department of Computer Science, Shanghai Jiao Tong University, Shanghai 201100, ChinaBackground: With the development of information technology, network traffic logs mixed with various kinds of cyber-attacks have grown explosively. Traditional intrusion detection systems (IDS) have limited ability to discover new inconstant patterns and identify malicious traffic traces in real-time. It is urgent to implement more effective intrusion detection technologies to protect computer security. Methods: In this paper, we design a hybrid IDS, combining our incremental learning model (KAN-SOINN) and active learning, to learn new log patterns and detect various network anomalies in real-time. Results & Conclusions: The experimental results on the NSLKDD dataset show that the KAN-SOINN can be improved continuously and detect malicious logs more effectively. Meanwhile, the comparative experiments prove that using a hybrid query strategy in active learning can improve the model learning efficiency.http://www.sciencedirect.com/science/article/pii/S2096579623000372Intrusion detectionIncremental learningActive learningVisual analysis |
| spellingShingle | Xuefei Tian Zhiyuan Wu JunXiang Cao Shengtao Chen Xiaoju Dong ILIDViz: An Incremental Learning-Based Visual Analysis System for Network Anomaly Detection Virtual Reality & Intelligent Hardware Intrusion detection Incremental learning Active learning Visual analysis |
| title | ILIDViz: An Incremental Learning-Based Visual Analysis System for Network Anomaly Detection |
| title_full | ILIDViz: An Incremental Learning-Based Visual Analysis System for Network Anomaly Detection |
| title_fullStr | ILIDViz: An Incremental Learning-Based Visual Analysis System for Network Anomaly Detection |
| title_full_unstemmed | ILIDViz: An Incremental Learning-Based Visual Analysis System for Network Anomaly Detection |
| title_short | ILIDViz: An Incremental Learning-Based Visual Analysis System for Network Anomaly Detection |
| title_sort | ilidviz an incremental learning based visual analysis system for network anomaly detection |
| topic | Intrusion detection Incremental learning Active learning Visual analysis |
| url | http://www.sciencedirect.com/science/article/pii/S2096579623000372 |
| work_keys_str_mv | AT xuefeitian ilidvizanincrementallearningbasedvisualanalysissystemfornetworkanomalydetection AT zhiyuanwu ilidvizanincrementallearningbasedvisualanalysissystemfornetworkanomalydetection AT junxiangcao ilidvizanincrementallearningbasedvisualanalysissystemfornetworkanomalydetection AT shengtaochen ilidvizanincrementallearningbasedvisualanalysissystemfornetworkanomalydetection AT xiaojudong ilidvizanincrementallearningbasedvisualanalysissystemfornetworkanomalydetection |