## Adaptive Deep Learning for Network Intrusion Detection by Risk Analysis

### Introduction

With increasing connectedness, network intrusion has become a critical security concern for modern information systems. Various network intrusion incidents have been reported in recent years and they have brought about considerable financial and societal damage. The purpose of Network Intrusion Detection (NID) is to identify malicious activities in network traffic. As shown in Figure 1, where network activities are represented by records in a table, NID needs to distinguish abnormal network activities from normal ones based on their particular features (e.g., duration, protocol, service and state). In this example, it can be observed that $r_2$ uses the udp protocol and the dns service with fixed-size source-to-destination bytes. Since $r_2$ matches the characteristics of a generic attack, it is considered to be a network intrusion. However, the record of $r_1$ represents a normal activity. NID is usually considered as a binary classification problem tasked with labeling each activity as Normal or Abnormal. Even though NID can be performed based on expert rules and data mining, its state-of-the-art performance has been achieved by deep learning.

Figure 1: A NID running example.

Unfortunately, the efficacy of deep models depends on large quantities of accurately labeled training data, which may not be readily available in real scenarios. In addition, it is common in modern networks that traffic distribution continuously shifts. As a result, even a well trained deep model may still mislabel many activities in real networks. It is noteworthy that limited interpretability of deep models further exacerbates the challenge. Therefore, there is a need for interpretable risk analysis, which can detect the activities mislabeled by a machine classifier and explain why. Toward this end, we propose a novel solution of risk analysis for NID in this paper. Built upon on the recently proposed framework of LearnRisk, the proposed solution first extracts interpretable risk features, then trains a risk model by a learning-to-rank objective and finally applies the learned risk model to rank activities by their misprediction risk. As shown in Figure 2, it consists of three steps: risk feature generation, risk model construction and risk model training. To ensure that risk features are interpretable and discriminative, we construct various risk metrics from different perspectives, including domain knowledge and statistical abnormalcy. Specifically, we leverage the CIA domain knowledge, which stands for Confidentiality, Integrity and Availability, to quantify security compromise. Confidentiality measures information concealment, Integrity measures information trustworthiness and Availability measures the ability to use desired information. In addition, we measure intrusion risk from the perspective of anomaly detection, based on the observation that intrusions are usually statistical outliers among a larger number of normal activities.

Figure 2: The LearnRisk framework for NID.

Furthermore, since risk analysis can measure the misprediction risk of a machine classifier on unlabeled activities, it provides classifier training with a viable way to adapt towards a particular workload. Therefore, we also present a novel solution of adaptive deep training for NID based on risk analysis. As shown in Figure 3, it consists of two phases: the traditional training phase and the following adaptive training phase. In the first phase, it pre-trains a deep model in the traditional way based on labeled training data, while the second phase further fine-tunes the model towards unlabeled target data by minimizing their misprediction risk.

Figure 3: Risk-based adaptive training for NID.

The main contributions of this paper are as follows:

1. We propose a novel solution of interpretable risk analysis for NID. In particular, we present a technique of risk feature generation that can effectively fuse various intrusion risk factors for risk measurement.

2. We present a novel solution of adaptive deep learning for NID, which can effectively tune a deep model towards a target workload by minimizing misprediction risk.

3. We empirically validate the efficacy of the proposed solutions on real benchmark data by a comparative study. Our extensive experiments have shown that the proposed solution of risk analysis can identify the mislabeled activities with considerably higher accuracy than the existing alternatives, and adaptive deep learning can effectively improve the performance of deep models in both offline and online settings.