Learning with Querying and its Application in Network Security

Introduction

Understanding the ability of learning in both humans and non-humans is an important research crossing the boundaries among several scientific disciplines from computer science to brain science and psychology. That capability from experience is one fundamental skill for the survival and evolution of life beings. Neuroscientists believed that human brain memorizes not just the perceived sensorial information of objects or events but also the interaction behavior occurred among the entity and the external environment (Damasio, 2000). In the past decades, cognitive psychologists have proposed a great variety of methods to account for the different aspects of human behavior. These models represent the theoretical idea about the process or the representation underlying the observed behavior. Rumelhart and Norman (1978) suggested that the procedure accounts for the minor schema modifications that come with new exemplars of concepts and principals. Learning in humans characterized in three different types of procedures: accretion, tuning, and restructuring.

• •

  Accretion is a procedure that processes the importing knowledge into an already existing concept or schema.

• •

  Tuning consists of revising the old schemata to acquire the new knowledge. It adjusts existing schemas incrementally to reflect variable circumstances.

  • •Restructuring involves changing an existing schema to map onto a novel and unfamiliar event. It requires exploration, comparison, and integration of concepts.

The learning machine consists of a learning protocol to specify the method of achieving accumulation of information, and a deduction procedure to learn the correct concept (Valiant, 1984). For learning protocol, the input information can be examples that exemplify the concept to be learned, or oracles that tell whether the data exemplify the concept when presented with data. In an interactive environment, we assume that the learner starts with an initial set of positive and negative examples, and then he/she asks an oracle for membership classification of new examples which are selected according to some interactive guided learning strategies. In Figure 1, the procedures for querying oracle clearly differentiate from the different scenarios. In a common scenario, such an oracle can answer and correct the concept each time the learner makes an error what we shall call correction queries.

Figure 1.

Diagram illustrating the different scenarios

Machine learning is typically defined as a problem of function approximation from a fixed set of training examples. Most of the machines learning algorithms are based on the principles of similarity and contrast. Unsupervised learning methods are algorithms to search for similarities among objects. Supervised learning methods, especially classification algorithms, try to maximize the contrast between the classes. Current machine learning techniques do not totally use these types of learning. Most learning algorithms do not endorse the accretion mode of learning either. The worst portion of current machine learning techniques is the lack of restructuring capability. The real accretion in human learning is a long lasting process of accumulation of knowledge. Although there were some conceptual learning systems proposed over the past many years, they did not break through because of their poor performance. Connectionist models that simulate brain activity at a neuron level have provided important insights into pattern learning. However, they mostly focus on the tuning mode of learning.