Fahad Alotaibi

Ph.D. Student in Computing

Concept Drift in Network Intrusion Detection Systems

Lightning Talk


Machine Learning (ML) algorithms such as Neural Networks have great potential as substitutes for traditional signature-based approaches in various security applications. However, their use has been limited by multiple challenges. One core challenge is concept drift, which can be divided into two sub-challenges: semantic shift (a.k.a. real concept drift) and covariate shift (a.k.a. virtual concept drift). Semantic shift represents the algorithm's inability to identify totally new knowledge; more precisely, the model will predict a new, unknown class as a known class. Covariate shift represents the algorithm's inability to correctly classify evolving data; consequently, the algorithm will incorrectly predict the evolving data as a different class. Both challenges have been investigated recently in the literature on ML-based security applications; however, most proposed solutions do not consider network intrusion detection systems (NIDS). This short talk will start by outlining the current methods that are applied to detect semantic shifts in DNN-based NIDS, then it will highlight the current limitations and challenges.
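
The two failure modes defined above, shown as an added illustration that is not part of the talk. It assumes a closed-set nearest-centroid classifier as a stand-in for the DNN-based NIDS the talk covers; the feature values, class names and function names are constructed for the example.

```python
import math

# Constructed, normalized flow features: (packet_rate, mean_payload_size).
# Only these two classes exist at training time.
TRAIN = {
    "benign": [(0.10, 0.80), (0.12, 0.85), (0.08, 0.78), (0.11, 0.82)],
    "dos":    [(0.90, 0.10), (0.95, 0.12), (0.88, 0.08), (0.92, 0.11)],
}

def fit_centroids(train):
    """Return one mean feature vector per known class."""
    return {
        label: tuple(sum(col) / len(rows) for col in zip(*rows))
        for label, rows in train.items()
    }

def predict(x, centroids):
    """Closed-set decision: always returns one of the known labels."""
    return min(centroids, key=lambda label: math.dist(x, centroids[label]))

def semantic_shift_demo(centroids):
    """A class never seen in training is forced into a known class."""
    unseen_class_flow = (0.15, 0.30)  # constructed sample of a new traffic class
    return predict(unseen_class_flow, centroids)

def covariate_shift_demo(centroids):
    """A known class (dos) whose features evolve ends up labelled as another class."""
    evolving_dos = [(0.90, 0.10), (0.70, 0.30), (0.30, 0.60)]  # constructed drift
    return [predict(x, centroids) for x in evolving_dos]

if __name__ == "__main__":
    c = fit_centroids(TRAIN)
    print("unseen class predicted as:", semantic_shift_demo(c))
    print("evolving dos predicted as:", covariate_shift_demo(c))
```

In the first case the classifier has no way to answer "none of the above", so the new class is absorbed into a known one; in the second, the label of the traffic never changed, only its feature distribution did.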