A Zero-Shot Intrusion Detection Method Based on Regression Model

Intrusion detection has always been a hot and difficult topic in the field of computer security. It is difficult to use traditional intrusion detection methods to effectively detect unknown intrusion types. To solve this difficulty, in this paper, a zero-shot intrusion detection method based on regression model is proposed to identify unknown intrusion types in order to provide guarantee for computer security. The method includes firstly taking the data in the normal state and the known intrusion type state as the training set. If the features are non-numeric, one-hot code is used to convert the non-numeric features into numerical features. In addition, in order to overcome the shortage of small data volume of some intrusion types, A Markov model based on exponential smoothing method is proposed. According to the numerical value of the features in the training set, the regression equation was fitted for each state category. Using the numerical value of the features in the training set, the threshold value corresponding to each state category is calculated. For a specific state to be tested in the test set, the regression equation of each state category is substituted successively, and the calculated results are judged to meet the threshold requirements, so as to recognize which state it belongs to: normal state, known invasion state or unknown invasion state. Experiments show that the method proposed in this paper is effective to some extent.