Pregled bibliografske jedinice broj: 1222732
Improving Classification Results in Network Data Analysis using Interpretability Methods
Improving Classification Results in Network Data Analysis using Interpretability Methods // Proceedings of 30th International Conference on Software, Telecommunications and Computer Networks (SoftCOM 2022)
Split, Hrvatska, 2022. str. 67-72 (predavanje, međunarodna recenzija, cjeloviti rad (in extenso), znanstveni)
CROSBI ID: 1222732 Za ispravke kontaktirajte CROSBI podršku putem web obrasca
Naslov
Improving Classification Results in Network Data
Analysis using Interpretability Methods
Autori
Begušić, Domagoj ; Pintar, Damir ; Krznarić, Sanja ; Frederick-Walker Luke
Vrsta, podvrsta i kategorija rada
Radovi u zbornicima skupova, cjeloviti rad (in extenso), znanstveni
Izvornik
Proceedings of 30th International Conference on Software, Telecommunications and Computer Networks (SoftCOM 2022)
/ - , 2022, 67-72
Skup
30th International Conference on Software, Telecommunications and Computer Networks (SoftCOM 2022)
Mjesto i datum
Split, Hrvatska, 22.09.2022. - 24.09.2022
Vrsta sudjelovanja
Predavanje
Vrsta recenzije
Međunarodna recenzija
Ključne riječi
network intrusion detection system ; cybersecurity ; data mining ; interpretability methods ; classification
Sažetak
Developing network intrusion detection and prevention systems usually leverage a rule-based approach, which is derived from rules defined by network security experts who can utilize logic from both low and high network layers. However, in recent times, machine learning methods have also achieved promising results in developing Network Intrusion Detection Systems, and their popularity is steadily rising. Unfortunately, the usage of these machine learning methods in real-life problems has regularly proved that no good out-of-the-box solution exists for production or deployment. Also, due to the increasing volume and complexity of processed data that machine learning methods are faced with over time, improvements and adaptions are frequently required. As the problem at hand becomes more convoluted, so does the the nature of the applied solution. This complexity is further compounded by the fact that certain machine and deep learning methods intrinsically do not offer a way of understanding how they make decisions, effectively behaving like black boxes. All of this significantly lowers the understandability of implemented solutions in production environments that are already quite complex, which justifies the need of interpretability methods. While interpretability methods are commonly designed to be used by humans, in this paper we propose a way of improving a model's classification performance by applying data mining methods on explanation data generated by interpretability methods. The paper showcases this approach by improving on a previously built network intrusion detection system and achieving a higher negative predictive value, even after hyperparameter optimization.
Izvorni jezik
Engleski
Znanstvena područja
Elektrotehnika, Računarstvo
POVEZANOST RADA
Ustanove:
Fakultet elektrotehnike i računarstva, Zagreb
