Open Access
ARTICLE
Intrusion Detection Method Based on Active Incremental Learning in Industrial Internet of Things Environment
1 School of Software, Nanjing University of Information Science and Technology, Nanjing, 210044, China
2 Cyberspace Institute Advanced Technology, Guangzhou University, Guangzhou, 510006, China
3 Jiangsu Collaborative Innovation Center of Atmospheric Environment and Equipment Technology (CICAEET), Nanjing University of Information Science and Technology, Nanjing, 210044, China
* Corresponding Author: Zilong Jin. Email:
Journal on Internet of Things 2022, 4(2), 99-111. https://doi.org/10.32604/jiot.2022.037416
Received 03 November 2022; Accepted 06 December 2022; Issue published 28 March 2023
Abstract
Intrusion detection is a hot field in the direction of network security. Classical intrusion detection systems are usually based on supervised machine learning models. These offline-trained models usually have better performance in the initial stages of system construction. However, due to the diversity and rapid development of intrusion techniques, the trained models are often difficult to detect new attacks. In addition, very little noisy data in the training process often has a considerable impact on the performance of the intrusion detection system. This paper proposes an intrusion detection system based on active incremental learning with the adaptive capability to solve these problems. IDS consists of two modules, namely the improved incremental stacking ensemble learning detection method called Multi-Stacking model and the active learning query module. The stacking model can cope well with concept drift due to the diversity and generalization selection of its base classifiers, but the accuracy does not meet the requirements. The Multi-Stacking model improves the accuracy of the model by adding a voting layer on the basis of the original stacking. The active learning query module improves the detection of known attacks through the committee algorithm, and the improved KNN algorithm can better help detect unknown attacks. We have tested the latest industrial IoT dataset with satisfactory results.Keywords
Cite This Article
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.