Sustaining the Effectiveness of IoT-Driven Intrusion Detection over Time: Defeating Concept and Data Drifts
This paper addresses the challenge of sustaining the intrusion detection effectiveness of machine learning-based intrusion detection systems in the Internet of Things (IoT) in the presence of concept and data drifts. Data drift is a phenomenon which embodies the change that happens in the relationships among the independent features, which is mainly due to changes in the data quality over time. Concept drift is a phenomenon which depicts the change in the relationships between input and output data in the machine learning model over time. To address data drifts, we first propose a series of data preparation steps that help improve the quality of the data and avoid inconsistencies. To counter concept drifts, we capitalize on an online deep neural network model that relies on an ensemble of varying depth neural networks that cooperate and compete together to enable the model to steadily learn and adapt as new data come, thus allowing for stable and long-lasting learning. Experiments conducted on a real-world IoT-based intrusion detection dataset, designed to address concept and data drifts, suggest that our solution stabilizes the performance of the intrusion detection on both the training and testing data compared to the static deep neural network model, which is widely used for intrusion detection.
Natural Sciences and Engineering Research Council of Canada (NSERC)
Natural Sciences and Engineering Research CouncilFind out more...