查看文章

A Machine Learning (ML)-based Intrusion Detection and Prevention System (IDPS) requires a large amount of labeled up-to-date training data to effectively detect intrusions and generalize well to novel attacks. However, the labeling of data is costly and becomes infeasible when dealing with big data, such as those generated by Internet of Things applications. To this effect, building an ML model that learns from non-labeled or partially labeled data is of critical importance. This paper proposes a Semi-supervised Multi-Layered Clustering ((SMLC)) model for the detection and prevention of network intrusion. SMLC has the capability to learn from partially labeled data while achieving a detection performance comparable to that of supervised ML-based IDPS. The performance of SMLC is compared with that of a well-known semi-supervised model (tri-training) and of supervised ensemble ML models, namely …