Web Service Intrusion Detection Using a Probabilistic Framework

Sallay, Hassen; Bourouis, Sami; Bouguila, Nizar

doi:10.1007/978-3-319-08422-0_24

Cited by 4 publications

(4 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recall is another measure to compute the ratio of the number of correctly identified intrusions over the total number of intrusions. F1 score is a composite measure computed as the weighted average of the recall and precision [14]. It provides a balance through incorporation of both precision and recall.…”

Section: Machine Learning Techniques Primermentioning

confidence: 99%

See 1 more Smart Citation

A Systematic Review of Defensive and Offensive Cybersecurity with Machine Learning

2020

View full text Add to dashboard Cite

This is a systematic review of over one hundred research papers about machine learning methods applied to defensive and offensive cybersecurity. In contrast to previous reviews, which focused on several fragments of research topics in this area, this paper systematically and comprehensively combines domain knowledge into a single review. Ultimately, this paper seeks to provide a base for researchers that wish to delve into the field of machine learning for cybersecurity. Our findings identify the frequently used machine learning methods within supervised, unsupervised, and semi-supervised machine learning, the most useful data sets for evaluating intrusion detection methods within supervised learning, and methods from machine learning that have shown promise in tackling various threats in defensive and offensive cybersecurity.

show abstract

Section: Machine Learning Techniques Primermentioning

confidence: 99%

“…False alarm rate is considered as the proportion between the number of normal connections that are incorrectly categorized as attacks and the aggregate of normal connections [11]. The confusion matrix presents the distribution of correctly and incorrectly classified or predicted data points [14].…”

Section: Machine Learning Techniques Primermentioning

confidence: 99%

A Systematic Review of Defensive and Offensive Cybersecurity with Machine Learning

2020

View full text Add to dashboard Cite

show abstract

“…The later work used the socalled maximum likelihood method to estimate the statistical model's parameters. An anomaly-based algorithm that uses a discriminative machine learning model is implemented to detect intrusions attempts [45]. In fact, input intrusions can be modeled as outliers via a principled probabilistic approach.…”

Section: Machine Learning (Ml) Perspectivesmentioning

confidence: 99%

Alerts Clustering for Intrusion Detection Systems: Overview and Machine Learning Perspectives

Alhakami¹

2019

IJACSA

View full text Add to dashboard Cite

The tremendous amount of the security alerts due to the high-speed alert generation of high-speed networks make the management of intrusion detection computationally expensive. Evidently, the high-level rate of wrong alerts disproves the Intrusion Detection Systems (IDS) performances and decrease its capability to prevent cyber-attacks which lead to tedious alert analysis task. Thus, it is important to develop new tools to understand intrusion data and to represent them in a compact forms using, for example, an alert clustering process. This hot topic of research is studied here and an understandable taxonomy followed by a deep survey of main published works related to intrusion alert management is presented in this paper. The second part of this work exposes different useful steps for designing a unified IDS system on the basis of machine learning techniques which are considered one of the most powerful tools for solving certain problems related to alert management and outlier detection.

show abstract

“…It can be regarded as a data stream version of a maximum likelihood method for the estimation of the model parameters. Recently, we have proposed an anomaly‐based approach to detect intrusions attempts . In this work, intrusions (or attacks) are modeled as outliers (or noise) within a principled probabilistic framework.…”

Section: Related Workmentioning

confidence: 99%

Intrusion detection alert management for high‐speed networks: current researches and applications

Sallay

Bourouis²

2015

Security Comm Networks

Self Cite

View full text Add to dashboard Cite

We propose an intrusion detection alert classifier based on a discriminative machine learning approach satisfying highspeed networks constraints. We mainly address the huge number of alerts and the high level rate of false ones produced in such environment. The classifier is based on online-adaptive support vector machine schemes. We demonstrate the utility of the developed method through extensive simulations and experiments against three data sets. Our intrusion alert classifier is crucial for forensics expert alert analysis and security threats understanding. It assists in taking the appropriate defensive and investigative actions, and therefore, it enhances the forensics readiness process.

show abstract

Web Service Intrusion Detection Using a Probabilistic Framework

Cited by 4 publications

References 37 publications

A Systematic Review of Defensive and Offensive Cybersecurity with Machine Learning

A Systematic Review of Defensive and Offensive Cybersecurity with Machine Learning

Alerts Clustering for Intrusion Detection Systems: Overview and Machine Learning Perspectives

Intrusion detection alert management for high‐speed networks: current researches and applications

Contact Info

Product

Resources

About