Name
Abstract | ||
|---|---|---|
Intrusion Detection Systems (IDSs) have become an importantpart of operational computer security. They are thelast line of defense against malicious hackers and help detectongoing attacks as well as mitigate their damage. However,intrusion detection systems are not turnkey solutionsbut are heavily dependent on expensive and scarce securityexperts for successful operation. By emphasizing self-learningalgorithms, we can reduce dependence on the domainexpert but instead require massive amounts of labeledtraining data, another scarce resource in intrusion detection.In this paper we investigate whether an active learningalgorithm can perform on a par with a traditional self-learningalgorithm in terms of detection accuracy but usingsignificantly less labeled data. Our preliminary findingsindicate that the active learning algorithm generally performsbetter than the traditional learning algorithm giventhe same amount of training data. Moreover, the reductionof labeled data needed can be as much as 80 times, shownby comparing an active learner with a traditional learnerwith similar detection accuracy. Thus, active learning algorithmsseem promising in that they can reduce the dependenceon security experts in the development of new detectionrules by better leveraging the knowledge and time of the expert. |
Year | DOI | Venue |
|---|---|---|
2004 | 10.1109/CSFW.2004.25 | CSFW |
Keywords | Field | DocType |
expert systems,learning (artificial intelligence),security of data,active learner,active learning,attack detection,detection accuracy,detection rules,expert knowledge,intrusion detection systems,labeled data,malicious hackers,operational computer security,security experts,self-learning algorithm,traditional learner,training data | Data mining,Data security,Active learning,Computer science,Subject-matter expert,Expert system,Support vector machine,Artificial intelligence,Intrusion detection system,Machine learning,Information and Computer Science,The Internet | Conference |
ISSN | ISBN | Citations |
1063-6900 | 0-7695-2169-X | 21 |
PageRank | References | Authors |
0.92 | 13 | 2 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Magnus Almgren | 1 | 270 | 39.17 |
| Erland Jonsson | 2 | 556 | 63.09 |