Active Learning for Network Intrusion Detection
Authors
Abstract
Network operators are generally aware of common attack vectors that they defend against. For most networks, the vast majority of traffic is legitimate. However, new attack vectors are continually designed and attempted by bad actors, which bypass detection and go unnoticed due to low volume. One strategy for finding such activity is to look for anomalous behavior. Investigating anomalous behavior requires significant time and resources. Collecting a large number of labeled examples for training supervised models is both prohibitively expensive and subject to obsoletion as new attacks surface. A purely unsupervised methodology is ideal; however, research has shown that even a very small number of labeled examples can significantly improve the quality of anomaly detection. A methodology that minimizes the number of required labels while maximizing the quality of detection is desirable. False positives in this context result in wasted effort or blockage of legitimate traffic, and false negatives translate to undetected attacks. We propose a general active learning framework and experiment with different choices of learners and sampling strategies.
Similar resources
A Hybrid Machine Learning Method for Intrusion Detection
Data security is an important area of concern for every computer system owner. An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations. Already various techniques of artificial intelligence have been used for intrusion detection. The main challenge in this area is the running speed of the available implemen...
Machine Learning for Network Intrusion Detection
Cyber security is an important and growing area of data mining and machine learning applications. We address the problem of distinguishing benign network traffic from malicious network-based attacks. Given a labeled dataset of some 5M network connection traces, we have implemented both supervised (Decision Trees, Random Forests) and unsupervised (Local Outlier Factor) learning algorithms to sol...
Attribute Learning for Network Intrusion Detection
Network intrusion detection is one of the most visible uses for Big Data analytics. One of the main problems in this application is the constant rise of new attacks. This scenario, characterized by the fact that not enough labeled examples are available for the new classes of attacks is hardly addressed by traditional machine learning approaches. New findings on the capabilities of Zero-Shot le...
Machine Learning for Network Intrusion Detection
Table of contents excerpt: 3 Reviewed Work; 3.1 Machine Learning in Intrusion Detection; 3.1.1 Abstract; 3.1.2 Methods and Results; 3.2 Active Learning for Network Intrusion Detection ...
Machine Learning for Network Intrusion Detection
In recent years, networks have become an increasingly valuable target of malicious attacks due to the increased amount of user data they contain. In defense, Network Intrusion Detection Systems (NIDSs) have been developed to detect and report suspicious activity (i.e. an attack). In this project, we explore unsupervised learning techniques for building NIDs, which only analyze unencrypted packe...
Journal
Journal title: Transactions on Computer Systems and Networks
Year: 2021
ISSN: 2730-7492, 2730-7484
DOI: https://doi.org/10.1007/978-981-16-1681-5_1