
CCS
2009
ACM

Active learning for network intrusion detection

Anomaly detection for network intrusion detection is usually considered an unsupervised task. Prominent techniques, such as one-class support vector machines, learn a hypersphere enclosing network data, mapped to a vector space, such that points outside of the ball are considered anomalous. However, this setup ignores relevant information such as expert and background knowledge. In this paper, we rephrase anomaly detection as an active learning task. We propose an effective active learning strategy to query low-confidence observations and to expand the data basis with minimal labeling effort. Our empirical evaluation on network intrusion detection shows that our approach consistently outperforms existing methods in relevant scenarios.

Categories and Subject Descriptors: C.2.0 [Computer-Communication Networks]: General—Security and protection; I.2.6 [Artificial Intelligence]: Learning—Parameter learning; I.5.2 [Pattern Recognition]: Design Methodology—Classifier design and eva...
Added: 19 May 2010
Updated: 19 May 2010
Type: Conference
Year: 2009
Where: CCS
Authors: Nico Görnitz, Marius Kloft, Konrad Rieck, Ulf Brefeld