*Result*: Transfer and online learning for IP maliciousness prediction in a concept drift scenario.

Title:
Transfer and online learning for IP maliciousness prediction in a concept drift scenario.
Authors:
Escudero García, David (AUTHOR) descg@unileon.es; DeCastro-García, Noemí (AUTHOR)
Source:
Wireless Networks (10220038). Dec 2024, Vol. 30 Issue 9, p7423-7444. 22p.
Database:
Academic Search Index

*Further Information*

*Determining the maliciousness of a cybersecurity incident is essential to establish effective measures against it. To process large volumes of data in an automated way, machine learning techniques are commonly applied to the problem. One of the main obstacles to applying machine learning effectively is that the data distribution is not stationary, so a model trained on old data tends to degrade as new data with a different distribution is processed. This change in the distribution of data over time is known as concept drift and affects the reports of new events, which may compromise model performance. To tackle this problem, this paper evaluates the effectiveness of transfer learning techniques in reducing the impact of concept drift on the performance of models for assigning maliciousness to IPs. We compare this approach with the application of online-updated models, which are another common approach to adapt to concept drift in the data. We analyse the performance of both approaches to determine which may be more effective in this setting. [ABSTRACT FROM AUTHOR]*