Exploratory and Explanation-Aware Network Intrusion Profiling using Subgroup Discovery and Complex Network Analysis
Author(s): | Atzmueller, Martin; Sylvester, Sophia; Kanawati, Rushed |
Keywords: | Attack Profiling; Complex Network Analysis; Complex networks; Computer crime; Cyber security; Cybersecurity; Intrusion detection; Local Pattern Mining; Local patterns; Network Intrusion Detection; Network intrusions; Network traffic; Pattern mining; Subgroup Discovery |
Date of publication: | 2023 |
Publisher: | Association for Computing Machinery |
Contained in: | ACM International Conference Proceeding Series |
Start page: | 153 – 158 |
Abstract: | In this paper, we target the problem of mining descriptive profiles of computer network intrusion attacks. We present an exploratory and explanation-aware approach using subgroup discovery - facilitating human-in-the-loop interaction for guiding the exploration process - since the results of subgroup discovery are inherently interpretable patterns. Furthermore, we explore enriching the feature set describing the network traffic (i.e., exchanged packets) with a new type of features computed on complex networks depicting the interactions among the different involved sites. Complex networks based metrics provide explainable features on the global network level, compared to local features targeted at the local network traffic/packet level. We exemplify the proposed approach using the standard UNSW-NB15 dataset for network intrusion detection. © 2023 ACM. |
Description: | Cited by: 0; Conference name: 2023 European Interdisciplinary Cybersecurity Conference, EICC 2023; Conference date: 14 June 2023 through 15 June 2023; Conference code: 188975 |
ISBN: | 9781450398299 |
DOI: | 10.1145/3590777.3590803 |
External URL: | https://www.scopus.com/inward/record.uri?eid=2-s2.0-85161421496&doi=10.1145%2f3590777.3590803&partnerID=40&md5=ddd7b416a5a872e251910a314a9976c5 |