Martina Marcello Rinaldo, Foresti Gian Luca
Department of Mathematics, Computer Science, and Physics, University of Udine, Via delle, Scienze 206, Udine, 33100, Italy.
Int J Neural Syst. 2021 Dec;31(12):2150060. doi: 10.1142/S012906572150060X. Epub 2021 Nov 13.
Network intrusion detection is becoming a challenging task with cyberattacks that are becoming more and more sophisticated. Failing the prevention or detection of such intrusions might have serious consequences. Machine learning approaches try to recognize network connection patterns to classify unseen and known intrusions but also require periodic re-training to keep the performances at a high level. In this paper, a novel continuous learning intrusion detection system, called Soft-Forgetting Self-Organizing Incremental Neural Network (SF-SOINN), is introduced. SF-SOINN, besides providing continuous learning capabilities, is able to perform fast classification, is robust to noise, and it obtains good performances with respect to the existing approaches. The main characteristic of SF-SOINN is the ability to remove nodes from the neural network based on their utility estimate. SF-SOINN has been validated on the well-known NSL-KDD and CIC-IDS-2017 intrusion detection datasets as well as on some artificial data to show the classification capability on more general tasks.
随着网络攻击变得越来越复杂,网络入侵检测正成为一项具有挑战性的任务。未能预防或检测到此类入侵可能会产生严重后果。机器学习方法试图识别网络连接模式,以对未知和已知入侵进行分类,但也需要定期重新训练以保持高性能。本文介绍了一种新颖的持续学习入侵检测系统,称为软遗忘自组织增量神经网络(SF-SOINN)。SF-SOINN除了提供持续学习能力外,还能够进行快速分类,对噪声具有鲁棒性,并且相对于现有方法具有良好的性能。SF-SOINN的主要特点是能够根据节点的效用估计从神经网络中移除节点。SF-SOINN已在著名的NSL-KDD和CIC-IDS-2017入侵检测数据集以及一些人工数据上得到验证,以展示其在更一般任务上的分类能力。
