Abstract:In the complicated modern network, an effective intrusive traffic detection (ITD) scheme is paramount for enhancing the cybersecurity. Due to the continuous dynamics of data and the introduction of new classes, the existing ITD methods based on deep learning primarily reliant on joint training face challenges. And the frequent retraining is in the price of real-time responsiveness and computational resource. Moreover, the incremental learning strategy is dependent on exemplar sets heavily, which results in a significant storage cost for retaining old-class exemplars. Hence, the ITD problem under evolving network threats should be resolved. In this paper, we propose an adaptive and lightweight ITD method within a class incremental learning (ALCIL) framework. In the proposed ALCIL framework, the attention mechanism and prototype extraction technique are combined to guarantee precise and efficient feature extraction from new threats, as well as reducing the storagerequirement significantly. The design of our framework aims to mitigate catastrophic forgetting, thereby ensuring that the system retains knowledge of earlier classes as it integrates new ones.

Adaptive and Lightweight Intrusive Traffic Detection Method Based on Deep Learning under Evolving Network Threats