Bibliographic record number: 1163852
Ranking Network Devices for Alarm Prioritisation: Intrusion Detection Case Study
Ranking Network Devices for Alarm Prioritisation: Intrusion Detection Case Study // 29th Conference on Software, Telecommunications and Computer Networks (SoftCOM 2021)
Hvar, Croatia; Split, Croatia, 2021, pp. 1-5 (lecture, international peer review, full paper (in extenso), scientific)
CROSBI ID: 1163852
Title
Ranking Network Devices for Alarm Prioritisation: Intrusion Detection Case Study
Authors
Vidović, Kristijan ; Tomičić, Ivan ; Slovenec, Karlo ; Mikuc, Miljenko ; Brajdić, Ivona
Type, subtype and category of work
Papers in conference proceedings, full paper (in extenso), scientific
Conference
29th Conference on Software, Telecommunications and Computer Networks (SoftCOM 2021)
Place and date
Hvar, Croatia; Split, Croatia, 23.09.2021. - 25.09.2021.
Type of participation
Lecture
Type of peer review
International peer review
Keywords
network device ranking, node ranking, Intrusion Detection System, network security, learning to rank, alarm prioritisation
Abstract
Some devices in a network are more important than others, and potential issues with an important network device could cause significantly more damage than issues with less important devices. This paper proposes a method that can rank various device reports by using a learning-to-rank algorithm to help the end-user detect higher-priority alarms more easily. A pairwise learning-to-rank algorithm is used to incrementally train a model with a custom dataset while testing its accuracy on a separate testing set. Predicting the ranking for the first two, five, and all ten items in a testing dataset showed an upward trend of model accuracy. Using this method, we were able to achieve a ranking accuracy surpassing 95%. The proposed method is discussed on an Intrusion Detection System case study.
Original language
English
Scientific fields
Computer science