Description
ABSTRACT
We present an analyst-in-the-loop security system, where analyst intuition is combined with state-of-the-art machine learning to build an end-to-end active learning system. The system has four key features: a big data behavioral analytics platform, an ensemble of outlier detection methods, a mechanism to obtain feedback from security analysts, and a supervised learning module. When these four components are run in conjunction on a daily basis and are compared to an unsupervised outlier detection method, the detection rate improves by an average of 3.41x, and false positives are reduced fivefold. We validate our system with a real-world data set consisting of 3.6 billion log lines. These results show that our system is capable of learning to defend against unseen attacks.
INTRODUCTION
Today, information security solutions generally fall into two categories: analyst-driven, or unsupervised machine-learning-driven. Analyst-driven solutions rely on rules determined by fraud and security experts, and usually lead to high rates of undetected attacks (false negatives), as well as delays between attack detection and implementation of preventative countermeasures. Moreover, bad actors often figure out the current rules and design newer attacks that sidestep detection. Using unsupervised machine learning to detect rare or anomalous patterns can improve detection of new attacks. However, it may also trigger more false positive alarms and alerts, which themselves require substantial investigative effort before they are dismissed. Such false alarms cause alarm fatigue and distrust, and over time can cause reversion to analyst-driven solutions, with their attendant weaknesses.
We identified three major challenges facing the information security industry, each of which could be addressed by machine learning solutions:
Lack of labeled data: Many enterprises lack labeled examples from previous attacks, undercutting the ability to use supervised learning models.
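The daily cycle the abstract describes (behavioral features per entity, an ensemble of outlier scorers, a feedback queue for the analyst, and a supervised model trained on the returned labels) is easier to reason about with a runnable toy. The block below is an added example written for this page; it is not code from the paper, and the authors' real system is far larger. Everything in it is constructed: the entity names, the three features (failed_logins, distinct_hosts, mb_out), the two days of data, and the "analyst" oracle that answers label requests. The supervised module is a dependency-free logistic regression standing in for the random forest the paper uses.

```python
"""Added example: a toy analyst-in-the-loop active learning cycle.
Per day: features -> outlier ensemble -> top-k to analyst -> train model.
Feature set, entity names, values and the label oracle are all constructed."""
import math
from statistics import mean, pstdev

FEATURES = ("failed_logins", "distinct_hosts", "mb_out")  # assumed feature set

# Day 1: ten ordinary users plus three constructed attack patterns.
DAY1 = {
    "u01": [1, 1, 2], "u02": [0, 1, 3], "u03": [2, 2, 1], "u04": [1, 1, 4],
    "u05": [3, 2, 6], "u06": [0, 1, 2], "u07": [1, 2, 5], "u08": [2, 1, 3],
    "u09": [1, 2, 2], "u10": [2, 1, 4],
    "bruteforce": [40, 2, 3],   # many failed logins
    "exfil": [2, 3, 80],        # large outbound volume
    "lateral": [3, 12, 4],      # touches many hosts
}
# Day 2: ordinary users plus the same brute-force pattern from a new account.
DAY2 = {
    "u01": [1, 1, 3], "u02": [2, 1, 2], "u03": [1, 2, 4], "u04": [0, 1, 2],
    "u05": [2, 2, 5], "u06": [1, 1, 3], "u07": [3, 1, 4], "u08": [1, 2, 3],
    "u09": [2, 1, 2], "u10": [1, 1, 5], "bruteforce2": [42, 2, 3],
}
# Ground truth the simulated analyst consults when asked (constructed oracle).
ANALYST_TRUTH = {"bruteforce": 1, "exfil": 1, "lateral": 1}


def fit_scaler(rows):
    """Per-feature (mean, std) over one day's entities; std floored to avoid /0."""
    return [(mean(c), max(pstdev(c), 1e-9)) for c in zip(*rows.values())]


def standardize(vec, scaler):
    return [(x - m) / s for x, (m, s) in zip(vec, scaler)]


def zscore_outlier(z_rows):
    """Scorer 1: mean absolute z-score of an entity's features."""
    return {e: mean(abs(z) for z in v) for e, v in z_rows.items()}


def knn_outlier(z_rows):
    """Scorer 2: distance to the nearest other entity in standardized space."""
    return {e: min(math.dist(v, w) for f, w in z_rows.items() if f != e)
            for e, v in z_rows.items()}


def ensemble_scores(rows):
    """Rank-average both scorers so neither scale dominates; result in [0, 1]."""
    z_rows = {e: standardize(v, fit_scaler(rows)) for e, v in rows.items()}
    fused, n = {e: 0.0 for e in rows}, len(rows)
    for scorer in (zscore_outlier, knn_outlier):
        s = scorer(z_rows)
        for rank, e in enumerate(sorted(s, key=s.get)):
            fused[e] += rank / (n - 1) / 2
    return fused


def select_for_review(scores, k):
    """Top-k entities by fused outlier score: the analyst's daily queue."""
    return sorted(scores, key=scores.get, reverse=True)[:k]


def analyst_feedback(queue, truth=ANALYST_TRUTH):
    """Simulated analyst labels every queued entity (1 = attack, 0 = benign)."""
    return {e: truth.get(e, 0) for e in queue}


def sigmoid(x):
    return 1.0 / (1.0 + math.exp(-max(-30.0, min(30.0, x))))


class LogisticModel:
    """Supervised module: L2-regularized logistic regression by gradient descent,
    scaled with the statistics of the day the labels came from."""

    def __init__(self, scaler, dim, lr=0.5, epochs=3000, l2=0.01):
        self.scaler, self.w, self.b = scaler, [0.0] * dim, 0.0
        self.lr, self.epochs, self.l2 = lr, epochs, l2

    def _logit(self, z):
        return sum(wi * zi for wi, zi in zip(self.w, z)) + self.b

    def fit(self, rows, labels):
        data = [(standardize(rows[e], self.scaler), y) for e, y in labels.items()]
        m = len(data)
        for _ in range(self.epochs):
            gw, gb = [0.0] * len(self.w), 0.0
            for z, y in data:
                err = sigmoid(self._logit(z)) - y
                gw = [g + err * zi for g, zi in zip(gw, z)]
                gb += err
            self.w = [wi - self.lr * (g / m + self.l2 * wi) for wi, g in zip(self.w, gw)]
            self.b -= self.lr * gb / m
        return self

    def predict_proba(self, vec):
        return sigmoid(self._logit(standardize(vec, self.scaler)))


def run_day1(k=5):
    """One full cycle on day 1: queue, analyst labels, trained model."""
    queue = select_for_review(ensemble_scores(DAY1), k)
    labels = analyst_feedback(queue)
    model = LogisticModel(fit_scaler(DAY1), len(FEATURES)).fit(DAY1, labels)
    return queue, labels, model


def triage_day2(model, rows):
    """Day 2: combine fresh outlier ranks with the supervised probability."""
    unsup = ensemble_scores(rows)
    return {e: 0.5 * unsup[e] + 0.5 * model.predict_proba(rows[e]) for e in rows}


if __name__ == "__main__":
    queue, labels, model = run_day1()
    print("day-1 queue:", queue, "labels:", labels)
    ranked = triage_day2(model, DAY2)
    for e in sorted(ranked, key=ranked.get, reverse=True)[:3]:
        print(f"day-2 {e}: {ranked[e]:.3f}")
```

The design choice worth noticing is that the supervised model is standardized with day-1 statistics while the outlier ensemble re-baselines itself on whatever day 2 looks like: the analyst's confirmed labels therefore carry forward as an absolute notion of "attack-like", independent of how the next day's population shifts. The rank-averaging in ensemble_scores is a simple stand-in for the paper's ensemble combination; it only guarantees that each scorer contributes equally to the queue, not that either scorer is well calibrated.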
Year: 2016
Publisher: IEEE
By: Kalyan Veeramachaneni, Ignacio Arnaldo
File information: English / 13 pages / size: 2.4 MB