Applied Sciences  /  Vol: 13 Part: 3 (2023)

AI-Assisted Security Alert Data Analysis with Imbalanced Learning Methods

Samuel Ndichu    
Tao Ban    
Takeshi Takahashi and Daisuke Inoue    

Abstract

Intrusion analysis is essential for cybersecurity, but oftentimes, the overwhelming number of false alerts issued by security appliances can prove to be a considerable hurdle. Machine learning algorithms can automate a task known as security alert data analysis to facilitate faster alert triage and incident response. This paper presents a bidirectional approach to address severe class imbalance in security alert data analysis. The proposed method utilizes an ensemble of three oversampling techniques to generate an augmented set of high-quality synthetic positive samples and employs a data subsampling algorithm to identify and remove noisy negative samples. Experimental results using an enterprise and a benchmark dataset confirm that this approach yields significantly improved recall and false positive rates compared with conventional oversampling techniques, suggesting its potential for more effective and efficient AI-assisted security operations.
