AI2: Training a big data machine to defend

Free!

Product description

ABSTRACT
We present an analyst-in-the-loop security system, where analyst intuition is put together with state-of-the-art machine learning to build an end-to-end active learning system. The system has four key features: a big data behavioral analytics platform, an ensemble of outlier detection methods, a mechanism to obtain feedback from security analysts, and a supervised learning module. When these four components are run in conjunction on a daily basis and are compared to an unsupervised outlier detection method, detection rate improves by an average of 3.41, and false positives are reduced fivefold. We validate our system with a real-world data set consisting of 3.6 billion log lines. These results show that our system is capable of learning to defend against unseen attacks.

INTRODUCTION

Today, information security solutions generally fall into two categories: analyst-driven, or unsupervised machine learning-driven. Analyst-driven solutions rely on rules determined by fraud and security experts, and usually lead to high rates of undetected attacks (false negatives), as well as delays between attack detection and implementation of preventative countermeasures. Moreover, bad actors often figure out current rules, and design newer attacks that can sidestep detection. Using unsupervised machine learning to detect rare or anomalous patterns can improve detection of new attacks. However, it may also trigger more false positive alarms and alerts, which can themselves require substantial investigative efforts before they are dismissed. Such false alarms can cause alarm fatigue and distrust, and over time, can cause reversion to analyst-driven solutions, with their attendant weaknesses.

We identified three major challenges facing the information security industry, each of which could be addressed by machine learning solutions:

Lack of labeled data: Many enterprises lack labeled examples from previous attacks, undercutting the ability to use supervised learning models

Year: 2016

Publisher: IEEE

By: Kalyan Veeramachaneni, Ignacio Arnaldo

File information: English language / 13 pages / Size: 2.4 M
