INVESTIGADORES
BROMBERG Facundo
congresos y reuniones científicas
Título:
An Application of a Bayesian Semi- supervised Learning Strategy to Network Intrusion Detection
Autor/es:
GARCIA GARINO, CARLOS; GARCIA GARINO, CARLOS; BROMBERG, FACUNDO
Lugar:
Buenos Aires
Reunión:
Congreso; Argentine Symposium of Artificial Intelligence; 2010
Institución organizadora:
Sociedad Argentina de Informática
Resumen:
Supervised learning classifiers have proved to be a viable solution
in the network intrusion detection field. In practice, however, it is difficult
to obtain the required labeled data for implementing these approaches.
An alternative approach that avoids the need of labeled
datasets consists of using classifiers following a
semi-supervised strategy. These classifiers use in their learning
process information from labeled and unlabeled datapoints.
One of these semi-supervised approaches, originally
applied to text classification, combines a na\"ive Bayes (NB) classifier
with the expectation maximization (EM) algorithm. Despite some
differences, network intrusion detection shares many of the
characteristics of the document classification problem. It is
extremely hard to obtain labeled data whereas there are plenty of
unlabeled data easily accessible. This work aims to determinate the
viability of applying semi-supervised techniques to network intrusion
detection, with special focus on the combination of NB
classifier and EM. A set of experiments conducted on the 1998 DARPA
dataset show using EM with unlabeled data can provide significant
benefits in classification performance, reducing the size of required
labeled data by 90%.