Ranking Network Devices for Alarm Prioritisation: Intrusion Detection Case Study (CROSBI ID 711864)
Conference contribution in proceedings | original scientific paper | international peer review
Responsibility details
Vidović, Kristijan ; Tomičić, Ivan ; Slovenec, Karlo ; Mikuc, Miljenko ; Brajdić, Ivona
English
Ranking Network Devices for Alarm Prioritisation: Intrusion Detection Case Study
Some devices in a network are more important than others, and potential issues with an important network device could cause significantly more damage than issues with less important devices. This paper proposes a method that can rank various device reports by using a learning-to-rank algorithm to help the end user detect higher-priority alarms more easily. A pairwise learning-to-rank algorithm is used to incrementally train a model with a custom dataset while testing its accuracy on a separate testing set. Predicting the ranking for the first two, five, and all ten items in a testing dataset showed an upward trend of model accuracy. Using this method we were able to achieve a ranking accuracy surpassing 95%. The proposed method is discussed on an Intrusion Detection System case study.
network device ranking, node ranking, Intrusion Detection System, network security, learning to rank, alarm prioritisation
Contribution details
1-5.
2021.
published
Parent publication details
Conference details
29th Conference on Software, Telecommunications and Computer Networks (SoftCOM 2021)
lecture
23.09.2021-25.09.2021
Hvar, Croatia