Ensembling to improve infected hosts detection

In this paper we describe the main ensemble learning techniques and their application in cybersecurity threat detection. The state of the art in the use of ensemble learning techniques is presented here as an alternative to the current intrusion detection mechanisms, analyzing their advantages...

Main authors: Venosa, Paula; García, Sebastián; Díaz, Francisco Javier
Format: Conference object
Language: English
Published: 2019
Online access: http://sedici.unlp.edu.ar/handle/10915/90565
id I19-R120-10915-90565
record_format dspace
institution Universidad Nacional de La Plata
institution_str I-19
repository_str R-120
collection SEDICI (UNLP)
language English
topic Computer Science
Ensemble learning
Cybersecurity
Malware / spyware crime
Intrusion detection systems
description In this paper we describe the main ensemble learning techniques and their application in cybersecurity threat detection. The state of the art in the use of ensemble learning techniques is presented here as an alternative to the current intrusion detection mechanisms, analyzing their advantages and disadvantages. We propose to incorporate ensemble learning into SLIPS [3], a behavioral-based intrusion detection and prevention system that uses machine learning algorithms to detect malicious behaviors, to obtain better results, taking advantage of the benefits of the SLIPS classifiers and modules. As part of this work we extend ensembling by considering algorithms from different domains (not machine learning domains), such as Threat Intelligence. As a first stage of this project, performance tests of ensemble learning algorithms were performed to detect malware from flows, evaluating their accuracy. The results of these tests are presented here, as well as the conclusions obtained and the future work.
format Conference object
author Venosa, Paula
García, Sebastián
Díaz, Francisco Javier
title Ensembling to improve infected hosts detection
publishDate 2019
url http://sedici.unlp.edu.ar/handle/10915/90565
bdutipo_str Repositories
_version_ 1764820490150477826