Towards Reliable Intrusion Detection in High Speed Networks
Existing machine learning solutions for network-based intrusion detection cannot maintain their reliability over time in production environments. In such context, detection schemes must be able to detect intrusion attempts at a high network bandwidth, besides having to deal with the lack of realistic training/testing data, changes in network traffic behavior, unreliable classifications over time and adversarial settings. In this work a new intrusion detection model, namely reliable intrusion detection, is introduced, whose main characteristic is the usage of both batch and stream learning algorithms coupled together. The proposed model advances the state-of-the-art in intrusion detection, providing reliable detection even in the presence of network traffic behavior changes and lack of model updates. The work relevance was recognized in the publication of 5 international top-tier journals, 6 international and national conference papers, and 1 registered patent.