Active Learning for Intrusion Detection

Intrusion detection is one of the most important problems in network security. Its target is to secure internal networks by identifying unusual access or attacks. Machine learning techniques have been playing a significant role in intrusion detection. Considering the large size of training data and time-consuming labeling task, it is wise to select some informative data to train a classifier. Active learning is a family of approaches selecting samples for labeling to build classifier with maximum prediction accuracy. So it is able to improve the performance of intrusion detection while it is not time-costing and labor-consuming. In this paper, definition and some efficient query strategies of active learning are reviewed and suggested. Some popular algorithms of intrusion detection and the combination of active learning and intrusion detection are also introduced. But existing work of active learning for intrusion detection is very limited. We propose more active learning methods should be developed for intrusion detection.