Network traffic classification based on periodic behavior detection

Koumar, Josef; Čejka, Tomáš

doi:10.23919/cnsm55787.2022.9964556

Cited by 7 publications

(1 citation statement)

References 48 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Table 5 lists the relevant papers we found at the publication venues introduced in [50], [51], [52], [53], [54], [55], [56], [57], [58] ICC 41 24.7 %…”

Section: Publication Venuesmentioning

confidence: 99%

The Missing Link in Network Intrusion Detection: Taking AI/ML Research Efforts to Users

Dietz,

Mühlhauser,

Kögel

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Intrusion Detection Systems (IDS) tackle the challenging task of detecting network attacks as fast as possible. As this is getting more complex in modern enterprise networks, Artificial Intelligence (AI) and Machine Learning (ML) have gained substantial popularity in research. However, their adoption into real-world IDS solutions remains poor. Academic research often overlooks the interconnection of users and technical aspects. This leads to less explainable AI/ML models that hinder trust among AI/ML non-experts. Additionally, research often neglects secondary concerns such as usability and privacy. If IDS approaches conflict with current regulations or if administrators cannot deal with attacks more effectively, enterprises will not adopt the IDS in practice. To identify those problems systematically, our literature survey takes a user-centric approach; we examine IDS research from the perspective of stakeholders by applying the concept of personas. Further, we investigate multiple factors limiting the adoption of AI/ML in security and suggest technical, non-technical, and user-related considerations to enhance the adoption in practice. Our key contributions are threefold. (i) We derive personas from realistic enterprise scenarios, (ii) we provide a set of relevant hypotheses in the form of a review template, and (iii), based on our reviews, we derive design guidelines for practical implementations. To the best of our knowledge, this is the first paper that analyzes practical adoption barriers of AI/ML-based intrusion detection solutions concerning appropriateness of data, reproducibility, explainability, practicability, usability, and privacy. Our guidelines may help researchers to holistically evaluate their AI/ML-based IDS approaches to increase practical adoption.

show abstract

“…Table 5 lists the relevant papers we found at the publication venues introduced in [50], [51], [52], [53], [54], [55], [56], [57], [58] ICC 41 24.7 %…”

Section: Publication Venuesmentioning

confidence: 99%