Using Active Learning in Intrusion Detection

9 years 2 months ago
Using Active Learning in Intrusion Detection
Intrusion Detection Systems (IDSs) have become an important part of operational computer security. They are the last line of defense against malicious hackers and help detect ongoing attacks as well as mitigate their damage. However, intrusion detection systems are not turnkey solutions but are heavily dependent on expensive and scarce security experts for successful operation. By emphasizing selflearning algorithms, we can reduce dependence on the domain expert but instead require massive amounts of labeled training data, another scarce resource in intrusion detection. In this paper we investigate whether an active learning algorithm can perform on a par with a traditional selflearning algorithm in terms of detection accuracy but using significantly less labeled data. Our preliminary findings indicate that the active learning algorithm generally performs better than the traditional learning algorithm given the same amount of training data. Moreover, the reduction of labeled data need...
Magnus Almgren, Erland Jonsson
Added 20 Aug 2010
Updated 20 Aug 2010
Type Conference
Year 2004
Where CSFW
Authors Magnus Almgren, Erland Jonsson
Comments (0)