Network Intrusion Detection with Incremental Active Learning

Increasing Internet usage in recent years has correspondingly increased the prevalence of cyber threats, emphasizing the necessity for robust intrusion detection systems (IDS). The efficacy of these systems is crucially dependent on their ability to adapt promptly to the continuously evolving types of cyber-attacks. Nonetheless, achieving the desired performance levels is often hindered by the scarcity of labeled data for newly emerging threats and the complexities associated with implementing incremental learning within machine learning frameworks. In this research, we introduce an IDS that employs active learning techniques for class incremental learning, aimed at adapting to the dynamic cyber security landscape while requiring fewer labeled data instances. The results from our experiments demonstrate that the proposed method significantly reduces the need for labeled training data while effectively incorporating new attack classes incrementally.