The More, the Better

Author: Benedikt Holmes, Ulrike Meyer, Justus von Brandt, Arthur Drichel
Year of publication: 2021
Subject:
Source: CYSARM@CCS
New York, NY : ACM, ACM Conferences 1-12 (2021). doi:10.1145/3474374.3486915
Proceedings of the 3rd Workshop on Cyber-Security Arms Race / Chen, Liqun; 3. Workshop on Cyber-Security Arms Race, CYSARM '21, online, 2021-11-19-2021-11-19
DOI: 10.1145/3474374.3486915
Description: Domain generation algorithms (DGAs) prevent the connection between a botnet and its master from being blocked by generating a large number of domain names. Promising single-data-source approaches have been proposed for separating benign from DGA-generated domains. Collaborative machine learning (ML) can be used in order to enhance a classifier's detection rate, reduce its false positive rate (FPR), and to improve the classifier's generalization capability to different networks. In this paper, we complement the research area of DGA detection by conducting a comprehensive collaborative learning study, including a total of 13,440 evaluation runs. In two real-world scenarios we evaluate a total of eleven different variations of collaborative learning using three different state-of-the-art classifiers. We show that collaborative ML can lead to a reduction in FPR by up to 51.7%. However, while collaborative ML is beneficial for DGA detection, not all approaches and classifier types profit equally. We round up our comprehensive study with a thorough discussion of the privacy threats implicated by the different collaborative ML approaches.
Accepted at The 3rd Workshop on Cyber-Security Arms Race (CYSARM '21)
Database: OpenAIRE