Ensembling to improve infected hosts detection
In this paper we describe the main ensemble learning techniques and their application in the cybersecurity threats detection. The state of the art in the use of ensemble learning techniques is presented here as an alternative to the current intrusion detection mechanisms, analyzing their advantages...
Guardado en:
Autores principales: | , , |
---|---|
Formato: | Objeto de conferencia |
Lenguaje: | Inglés |
Publicado: |
2019
|
Materias: | |
Acceso en línea: | http://sedici.unlp.edu.ar/handle/10915/90565 |
Aporte de: |
id |
I19-R120-10915-90565 |
---|---|
record_format |
dspace |
institution |
Universidad Nacional de La Plata |
institution_str |
I-19 |
repository_str |
R-120 |
collection |
SEDICI (UNLP) |
language |
Inglés |
topic |
Ciencias Informáticas Ensemble leaming Cybersecurity Malware / spyware crime Intrusion detection systems |
spellingShingle |
Ciencias Informáticas Ensemble leaming Cybersecurity Malware / spyware crime Intrusion detection systems Venosa, Paula García, Sebastián Díaz, Francisco Javier Ensembling to improve infected hosts detection |
topic_facet |
Ciencias Informáticas Ensemble leaming Cybersecurity Malware / spyware crime Intrusion detection systems |
description |
In this paper we describe the main ensemble learning techniques and their application in the cybersecurity threats detection. The state of the art in the use of ensemble learning techniques is presented here as an alternative to the current intrusion detection mechanisms, analyzing their advantages and disadvantages. We propose to incorporate ensemble learning to SLIPS [3], a behavioral-based intrusion detection and prevention system that uses machine learning algorithms to detect malicious behaviors, to obtain better results, taking advantage of the benefits of the SLIPS classifiers and modules. As part of this work we extend ensembling by considering algorithms from different domains (not machine learning domains), as Thread Intelligence. As a first stage of this project, performance tests of ensemble learning algorithms were performed to detect malware from flows evaluating its accuracy. The results of these tests are presented here, as well as the conclusions obtained and the future work. |
format |
Objeto de conferencia Objeto de conferencia |
author |
Venosa, Paula García, Sebastián Díaz, Francisco Javier |
author_facet |
Venosa, Paula García, Sebastián Díaz, Francisco Javier |
author_sort |
Venosa, Paula |
title |
Ensembling to improve infected hosts detection |
title_short |
Ensembling to improve infected hosts detection |
title_full |
Ensembling to improve infected hosts detection |
title_fullStr |
Ensembling to improve infected hosts detection |
title_full_unstemmed |
Ensembling to improve infected hosts detection |
title_sort |
ensembling to improve infected hosts detection |
publishDate |
2019 |
url |
http://sedici.unlp.edu.ar/handle/10915/90565 |
work_keys_str_mv |
AT venosapaula ensemblingtoimproveinfectedhostsdetection AT garciasebastian ensemblingtoimproveinfectedhostsdetection AT diazfranciscojavier ensemblingtoimproveinfectedhostsdetection |
bdutipo_str |
Repositorios |
_version_ |
1764820490150477826 |