An Adaptive Online Few-shot Network Intrusion Detection System Based on Meta-Learning

• Published in: International Conference on Advanced Cloud and Big Data pp. 159 - 164
• Main Authors: Ding, Shiru, Wang, Zhen, Lu, Yifei
• Format: Conference Proceeding
• Language: English
• Published: IEEE 28.11.2024
• Subjects: Accuracy; Adaptation models; Adaptive systems; Catastrophic forgetting; data feature drift; Data models; Feature extraction; Few-shot learning; Internet of Things; meta-learning; Metalearning; Network intrusion detection; Network intrusion detection system; Prevention and mitigation; Training
• ISSN: 2573-301X
• DOI: 10.1109/CBD65573.2024.00038

Previous deep learning-based Network Intrusion Detection Systems (NIDS) require a sufficient number of labeled samples to train deep neural network models. However, in certain scenarios of the Internet of Things (IoT), such as zero-day attacks, abnormal data is scarce and cannot meet the training conditions for neural network models. Thus, there is a need for a NIDS capable of few-shot learning. Additionally, previous online network intrusion detection systems did not comprehensively consider the significant impact of data feature drift and catastrophic forgetting on the performance of online models. In order to solve these two problems, we designed an adaptive online few-shot network intrusion detection system based on meta-learning. We evaluated the proposed system using the public datasets CIC-IDS2017, and the results show that our system can effectively handle the challenge of small samples while continuously adapting to new data with minimal catastrophic forgetting.