Taking advantage of unsupervised learning in incident response
| Author: | Victor Patriciu, Constantin Nila |
|---|---|
| Year of publication: | 2020 |
| Subject: | 021110 strategic defence & security studies; Computer science; business.industry; Dimensionality reduction; Feature extraction; 0211 other engineering and technologies; Feature selection; 02 engineering and technology; Machine learning; computer.software_genre; Triage; Domain (software engineering); Visualization; 0202 electrical engineering, electronic engineering, information engineering; Incident response; Unsupervised learning; 020201 artificial intelligence & image processing; Artificial intelligence; business; computer |
| Source: | 2020 12th International Conference on Electronics, Computers and Artificial Intelligence (ECAI). |
| DOI: | 10.1109/ecai50035.2020.9223163 |
| Description: | This paper looks at new ways to improve the necessary time for incident response triage operations. By employing unsupervised K-means, enhanced by both manual and automated feature extraction techniques, the incident response team can quickly and decisively extrapolate malicious web requests that concluded to the investigated exploitation. More precisely, we evaluated the benefits of different visualization enhancing methods that can improve feature selection and other dimensionality reduction techniques. Furthermore, early tests of the gross framework have shown that the necessary time for triage is diminished, more so if a hybrid multi-model is employed. Our case study revolved around the need for unsupervised classification of unknown web access logs. However, the demonstrated principles may be considered for other applications of machine learning in the cybersecurity domain. |
| Database: | OpenAIRE |
| External link: | |