The paper introduces NOCTOWL, an online, interpretable network intrusion detection system designed for streaming environments subject to distributional shifts, with delayed and partial label availability. The method combines the inherently explainable structure of a decision tree with a clustering-based strategy to create interpretable data partitions and incrementally adjust them in response to distribution shifts. The model further incorporates selective sampling to adapt to evolving distributions while preventing unnecessary growth. Experiments on five benchmark datasets simulating realistic operating conditions demonstrate that NOCTOWL achieves competitive performance compared to state-of-the-art systems, while maintaining robustness under constrained annotation budgets.
Pederzoli, S., Paganelli, M., Luca Contalbo, M., Benassi, R., Tiano, D., Iannucci, S., et al. (2025). NOCTOWL: Adaptive Tree-Based Model for Network Anomaly Detection Under Delayed and Sampled Label Availability. IEEE ACCESS, 13, 197899-197911 [10.1109/access.2025.3633419].
NOCTOWL: Adaptive Tree-Based Model for Network Anomaly Detection Under Delayed and Sampled Label Availability
Iannucci, Stefano;
2025-01-01
Abstract
The paper introduces NOCTOWL, an online, interpretable network intrusion detection system designed for streaming environments subject to distributional shifts, with delayed and partial label availability. The method combines the inherently explainable structure of a decision tree with a clustering-based strategy to create interpretable data partitions and incrementally adjust them in response to distribution shifts. The model further incorporates selective sampling to adapt to evolving distributions while preventing unnecessary growth. Experiments on five benchmark datasets simulating realistic operating conditions demonstrate that NOCTOWL achieves competitive performance compared to state-of-the-art systems, while maintaining robustness under constrained annotation budgets.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
