ACORN-IDS: Adaptive Continual Novelty Detection for Intrusion Detection Systems

Sean Fuhrman, Onat Gungor, Tajana Rosing

TL;DR

ACORN-IDS tackles intrusion detection under non-stationary traffic and zero-day threats by integrating a continual feature extractor with PCA-based anomaly scoring, learned from a small clean normal set and an unlabeled streaming feed. It uses K-Means pseudo-labeling to propagate supervision, reservoir memories to mitigate forgetting, and a triplet-margin metric alongside reconstruction loss to shape discriminative latent representations that align with PCA scoring. Across five realistic datasets and two continual learning settings, ACORN-IDS outperforms unsupervised continual learning and novelty detection baselines, showing substantial gains in F1 and zero-day detection while preserving past knowledge and maintaining low inference overhead. The approach demonstrates that continual novelty detection is a viable, scalable path for robust, label-efficient IDS in dynamic real-world environments, with practical implications for real-time security systems, and plans to release code upon acceptance.

Abstract

Intrusion Detection Systems (IDS) must maintain reliable detection performance under rapidly evolving benign traffic patterns and the continual emergence of cyberattacks, including zero-day threats with no labeled data available. However, most machine learning-based IDS approaches either assume static data distributions or rely on labeled attack samples, substantially limiting their applicability in real-world deployments. This setting naturally motivates continual novelty detection, which enables IDS models to incrementally adapt to non-stationary data streams without labeled attack data. In this work, we introduce ACORN-IDS, an adaptive continual novelty detection framework that learns exclusively from normal data while exploiting the inherent structure of an evolving unlabeled data stream. ACORN-IDS integrates a continual feature extractor, trained using reconstruction and metric learning objectives with clustering-based pseudo-labels, alongside a PCA-based reconstruction module for anomaly scoring. This design allows ACORN-IDS to continuously adapt to distributional shifts in both benign and malicious traffic. We conduct an extensive evaluation of ACORN-IDS on five realistic intrusion datasets under two continual learning scenarios: (i) Evolving Attacks and (ii) Evolving Normal and Attack Distributions. ACORN-IDS achieves, on average, a 62% improvement in F1-score and a 58% improvement in zero-day attack detection over the state-of-the-art unsupervised continual learning baseline. It also outperforms existing state-of-the-art novelty detection approaches while exhibiting near-zero forgetting and imposing minimal inference overhead. These results demonstrate that ACORN-IDS offers a practical, label-efficient solution for building adaptive and robust IDS in dynamic, real-world environments. We plan to release the code upon acceptance.
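The PCA-based reconstruction scoring learned from clean normal data and the reservoir memory described above, as an added illustration in Python (not the paper's code; the 5-D feature space, the 99th-percentile threshold, the noise level and the constructed benign and attack flows are assumptions):

```python
import numpy as np

def fit_pca_scorer(normal, k, quantile=99.0):
    # Learn from clean normal flows only: mean, top-k principal axes and a
    # threshold calibrated on the normal reconstruction errors (assumed 99th pct).
    mean = normal.mean(axis=0)
    _, _, vt = np.linalg.svd(normal - mean, full_matrices=False)
    model = {"mean": mean, "components": vt[:k]}
    model["threshold"] = float(np.percentile(reconstruction_error(model, normal), quantile))
    return model

def reconstruction_error(model, x):
    # Anomaly score: squared distance from x to the subspace spanned by normal traffic.
    centered = np.atleast_2d(x) - model["mean"]
    projected = centered @ model["components"].T @ model["components"]
    return np.sum((centered - projected) ** 2, axis=1)

def is_novel(model, x):
    return reconstruction_error(model, x) > model["threshold"]

def reservoir_update(memory, n_seen, sample, capacity, rng):
    # Reservoir sampling keeps a uniform, bounded memory of past normal samples,
    # so a later refit still sees earlier benign behaviour (forgetting mitigation).
    if len(memory) < capacity:
        memory.append(sample)
    else:
        j = rng.integers(0, n_seen + 1)
        if j < capacity:
            memory[j] = sample
    return n_seen + 1

def make_normal(rng, n, basis, noise=0.01):
    # Constructed benign flows: points near a 2-D subspace of a 5-D feature space.
    coeffs = rng.normal(size=(n, basis.shape[0]))
    return coeffs @ basis + rng.normal(scale=noise, size=(n, basis.shape[1]))

def demo():
    rng = np.random.default_rng(0)
    basis = np.eye(5)[:2]                     # benign traffic lives in span(e1, e2)
    model = fit_pca_scorer(make_normal(rng, 500, basis), k=2)
    held_out = make_normal(rng, 200, basis)   # later clean traffic, same distribution
    # Constructed attack flows: same in-subspace part plus energy off the normal axes
    attack = make_normal(rng, 50, basis) + np.array([0, 0, 0.5, 0.5, 0.5])
    memory, n_seen = [], 0
    for row in held_out:                      # bank clean samples for future refits
        n_seen = reservoir_update(memory, n_seen, row, capacity=64, rng=rng)
    return {"fp_rate": float(is_novel(model, held_out).mean()),
            "attack_recall": float(is_novel(model, attack).mean()),
            "memory_size": len(memory)}
```

Flows whose energy lies off the normal subspace score far above the threshold without any attack labels, while the capped memory is what a continual refit would draw on alongside the new stream.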

Paper Structure (16 sections, 4 equations, 8 figures, 4 tables, 1 algorithm)

This paper contains 16 sections, 4 equations, 8 figures, 4 tables, 1 algorithm.

Figures (8)

  • Figure 1: Motivating example illustrating the effects of distribution shift: (a) evolving attack distributions and (b) evolving normal data distributions. In the absence of continual learning mechanisms, state-of-the-art methods exhibit significant performance degradation under such distributional changes.
  • Figure 2: Overview of the ACORN-IDS continual novelty detection framework for intrusion detection systems.
  • Figure 3: Overview of the CL data preparation process.
  • Figure 4: AVG score of ACORN-IDS compared with all baselines under the EA scenario across all datasets.
  • Figure 5: AVG score of ACORN-IDS compared with all baselines under the ENA scenario across all datasets.
  • ...and 3 more figures