Machine Learning confronted with the operational constraints of detection systems

Abstract

Intrusion detection systems, traditionally based on signatures, have not escaped the recent appeal of machine learning techniques. While the results presented in academic research articles are often excellent, security experts still have many reservations about the use of machine learning in intrusion detection systems. They generally fear that these techniques are ill-suited to operational constraints, in particular because of the high level of expertise required or a large number of false positives. In this article, we show that machine learning can be compatible with the operational constraints of detection systems. We explain how to build a detection model and present good practices for validating it before it goes into production. The methodology is illustrated by a case study on the detection of malicious PDF files, and we offer a free tool, SecuML, to implement it.

Authors and Affiliations

Sridarala ramu, Daniel Osaku

  • EP ID EP694203
  • DOI https://doi.org/10.52502/ijitas.v1i1.6

How To Cite

Sridarala ramu, Daniel Osaku (2019). Machine Learning confronted with the operational constraints of detection systems. International Journal of Information Technology and Applied Sciences (IJITAS), 1(1), -. https://europub.co.uk/articles/-A-694203