A Novel Online Incremental Learning Intrusion Prevention System

TL;DR

This paper introduces a new online incremental intrusion prevention system for IoT environments that combines neural networks and support vector machines to detect both known and unknown attacks in real-time with high accuracy.

Contribution

It presents a novel network intrusion prevention system utilizing a self-organizing incremental neural network and SVM, capable of real-time, signature-free attack mitigation in IoT settings.

Findings

Achieves high accuracy in detecting attacks on the NSL KDD dataset.

Supports online incremental learning for scalable deployment.

Effectively detects both known and unknown attacks.

Abstract

Attack vectors are continuously evolving in order to evade Intrusion Detection systems. Internet of Things (IoT) environments, while beneficial for the IT ecosystem, suffer from inherent hardware limitations, which restrict their ability to implement comprehensive security measures and increase their exposure to vulnerability attacks. This paper proposes a novel Network Intrusion Prevention System that utilises a SelfOrganizing Incremental Neural Network along with a Support Vector Machine. Due to its structure, the proposed system provides a security solution that does not rely on signatures or rules and is capable to mitigate known and unknown attacks in real-time with high accuracy. Based on our experimental results with the NSL KDD dataset, the proposed framework can achieve on-line updated incremental learning, making it suitable for efficient and scalable industrial applications.