2017
DOI: 10.1007/978-3-319-60080-2_19

Learning Representations for Log Data in Cybersecurity

Cited by 25 publications (22 citation statements)
References 14 publications
“…Each autoencoder had an input layer whose dimension is equal to the number of features in the dataset (i.e., 115). As noted by [16] and [15], autoencoders effectively perform dimensionality reduction internally, such that the code layer between the encoder(s) and decoder(s) efficiently compresses the input layer and reflects its essential characteristics. In our experiments, four hidden layers of encoders were set at decreasing sizes of 75%, 50%, 33%, and 25% of the input layer's dimension.…”
Section: Empirical Evaluation (mentioning)
confidence: 99%
“…1) To the best of our knowledge, we are the first to apply autoencoders to IoT network traffic for anomaly detection, as a complete means of detecting botnet attacks. Even in the larger domain of network traffic analysis, autoencoders have not been used as fully automated standalone malware detectors, but rather as preliminary tools for either feature learning [15] or dimensionality reduction [16], or at most as semimanual outlier detectors which substantially depend on human labeling for subsequent classification [17] or further inspection by security analysts [13]. 2) Unlike previous experimental studies on the detection of IoT botnets or IoT traffic anomalies which relied on emulated or simulated data ([4], [7], [8], [10]), we perform empirical evaluation with real traffic data, gathered from nine commercial IoT devices infected by authentic botnets from two families.…”
Section: Introduction (mentioning)
confidence: 99%
“…They have proposed a method based on a neural language model that has promisingly outperformed the current signature extraction techniques. [51] has developed an enterprise-grade framework that uses a divide and conquer strategy combining the analytics of behavior and modeling of time series. This approach has achieved an area under the curve receiver operating characteristics curve of 0.943.…”
Section: Organization (mentioning)
confidence: 99%
“…In this context, in order to provide embedded intelligence in the IoT environment, we can consider Machine Learning (ML) as one of the most effective computational models. Machine learning approaches have been used for different network security tasks such as network traffic analysis [3], [4], [5], intrusion detection [6], and botnet detection [7]. Machine Learning can be described as an intelligent device's ability to modify or automate a knowledge-based state or behavior, which is considered a critical part of an IoT solution.…”
Section: Introduction (mentioning)
confidence: 99%
“…One of the advantages of this class of detection technique is its ability to detect all known attacks effectively without generating an overwhelming number of false alarms. In the literature, some works use signature-based techniques to detect attacks [3], [7]; for instance, in the domain of network traffic analysis, [3] applied four different machine learning techniques as preliminary tools to learn the features of some known attacks. Signature-based techniques were also used in [7] to identify compromised machines by identifying botnet network traffic patterns.…”
Section: Introduction (mentioning)
confidence: 99%