Ponencia
Methodology for the Detection of Contaminated Training Datasets for Machine Learning-Based Network Intrusion-Detection Systems [Póster]
Autor/es | Medina Arco, Joaquín Gaspar
Magán Carrión, Roberto Rodríguez Gómez, Rafael A. García Teodoro, Pedro |
Coordinador/Director | Varela Vaca, Ángel Jesús
Ceballos Guerrero, Rafael Reina Quintero, Antonia María |
Fecha de publicación | 2024 |
Fecha de depósito | 2024-07-19 |
Publicado en |
|
ISBN/ISSN | 978-84-09-62140-8 |
Resumen | With the significant increase in cyber-attacks and attempts to gain unauthorised access to systems and information, Network Intrusion-Detection Systems (NIDSs) have become essential detection tools. Anomaly-based systems ... With the significant increase in cyber-attacks and attempts to gain unauthorised access to systems and information, Network Intrusion-Detection Systems (NIDSs) have become essential detection tools. Anomaly-based systems use machine learning techniques to distinguish between normal and anomalous traffic. They do this by using training datasets that have been previously gathered and labelled, allowing them to learn to detect anomalies in future data. However, such datasets can be accidentally or deliberately contaminated, compromising the performance of NIDSs. This paper addresses the mislabelling problem of real network traffic datasets by introducing a novel methodology that (i) allows analysing the quality of a network traffic dataset by identifying possible hidden or unidentified anomalies and (ii) selects the ideal subset of data to optimise the performance of the anomaly detection model even in the presence of hidden attacks erroneously labelled as normal network traffic. |
Cita | Medina Arco, J.G., Magán Carrión, R., Rodríguez Gómez, R.A. y García Teodoro, P. (2024). Methodology for the Detection of Contaminated Training Datasets for Machine Learning-Based Network Intrusion-Detection Systems [Póster]. En Jornadas Nacionales de Investigación en Ciberseguridad (JNIC) (9ª.2024. Sevilla) (466-467), Sevilla: Universidad de Sevilla. Escuela Técnica Superior de Ingeniería Informática. |
Ficheros | Tamaño | Formato | Ver | Descripción |
---|---|---|---|---|
JNIC24_484.pdf | 677.5Kb | [PDF] | Ver/ | |