A study on labeling network hostile behavior with Intelligent Interactive tools

Autores
Guerra Torres, Jorge Luis; Veas, Eduardo Enrique; Catania, Carlos Adrian
Año de publicación
2020
Idioma
inglés
Tipo de recurso
documento de conferencia
Estado
versión publicada
Descripción
Labeling a real network dataset is specially expensive in computersecurity, as an expert has to ponder several factors before assigningeach label. This paper describes an interactive intelligent systemto support the task of identifying hostile behaviors in network logs.The RiskID application uses visualizations to graphically encodefeatures of network connections and promote visual comparison. Inthe background, two algorithms are used to actively organize con-nections and predict potential labels: a recommendation algorithmand a semi-supervised learning strategy. These algorithms togetherwith interactive adaptions to the user interface constitute a behaviorrecommendation. A study is carried out to analyze how the algo-rithms for recommendation and prediction influence the workflowof labeling a dataset. The results of a study with 16 participantsindicate that the behaviour recommendation significantly improvesthe quality of labels. Analyzing interaction patterns, we identify amore intuitive workflow used when behaviour recommendation isavailable.
Fil: Guerra Torres, Jorge Luis. Universidad Nacional de Cuyo; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Mendoza; Argentina
Fil: Veas, Eduardo Enrique. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Mendoza; Argentina. Universidad Nacional de Cuyo; Argentina
Fil: Catania, Carlos Adrian. Universidad Nacional de Cuyo; Argentina
2019 IEEE Symposium on Visualization for Cyber Security
Vancouver
Canadá
Institute of Electrical and Electronics Engineers
Materia
HUMAN-CENTERED COMPUTING
VISUALIZATION TECHNIQUES
LABELINGL
SEMI-SUPERVISED LEARNING
Nivel de accesibilidad
acceso abierto
Condiciones de uso
https://creativecommons.org/licenses/by-nc-sa/2.5/ar/
Repositorio
CONICET Digital (CONICET)
Institución
Consejo Nacional de Investigaciones Científicas y Técnicas
OAI Identificador
oai:ri.conicet.gov.ar:11336/155070
Acceder
id CONICETDig_178bf7a06d26d3008359b0cf4f3c23fa
oai_identifier_str oai:ri.conicet.gov.ar:11336/155070
network_acronym_str CONICETDig
repository_id_str 3498
network_name_str CONICET Digital (CONICET)
spelling A study on labeling network hostile behavior with Intelligent Interactive toolsGuerra Torres, Jorge LuisVeas, Eduardo EnriqueCatania, Carlos AdrianHUMAN-CENTERED COMPUTINGVISUALIZATION TECHNIQUESLABELINGLSEMI-SUPERVISED LEARNINGhttps://purl.org/becyt/ford/2.11https://purl.org/becyt/ford/2Labeling a real network dataset is specially expensive in computersecurity, as an expert has to ponder several factors before assigningeach label. This paper describes an interactive intelligent systemto support the task of identifying hostile behaviors in network logs.The RiskID application uses visualizations to graphically encodefeatures of network connections and promote visual comparison. Inthe background, two algorithms are used to actively organize con-nections and predict potential labels: a recommendation algorithmand a semi-supervised learning strategy. These algorithms togetherwith interactive adaptions to the user interface constitute a behaviorrecommendation. A study is carried out to analyze how the algo-rithms for recommendation and prediction influence the workflowof labeling a dataset. The results of a study with 16 participantsindicate that the behaviour recommendation significantly improvesthe quality of labels. Analyzing interaction patterns, we identify amore intuitive workflow used when behaviour recommendation isavailable.Fil: Guerra Torres, Jorge Luis. Universidad Nacional de Cuyo; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Mendoza; ArgentinaFil: Veas, Eduardo Enrique. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Mendoza; Argentina. Universidad Nacional de Cuyo; ArgentinaFil: Catania, Carlos Adrian. Universidad Nacional de Cuyo; Argentina2019 IEEE Symposium on Visualization for Cyber SecurityVancouverCanadáInstitute of Electrical and Electronics EngineersIEEE CanadaGuerra Torres, Jorge Luis2020info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/conferenceObjectCongresoJournalhttp://purl.org/coar/resource_type/c_5794info:ar-repo/semantics/documentoDeConferenciaapplication/pdfapplication/pdfhttp://hdl.handle.net/11336/155070A study on labeling network hostile behavior with Intelligent Interactive tools; 2019 IEEE Symposium on Visualization for Cyber Security; Vancouver; Canadá; 2019; 1-102639-4332CONICET DigitalCONICETenginfo:eu-repo/semantics/altIdentifier/url/https://ieeexplore.ieee.org/document/9161489info:eu-repo/semantics/altIdentifier/doi/ 10.1109/VizSec48167.2019.9161489info:eu-repo/semantics/altIdentifier/url/https://pure.tugraz.at/ws/portalfiles/portal/25160237/VizSec2019_4.pdfhttps://www.youtube.com/watch?v=5MhjKygIaH0Internacionalinfo:eu-repo/semantics/openAccesshttps://creativecommons.org/licenses/by-nc-sa/2.5/ar/reponame:CONICET Digital (CONICET)instname:Consejo Nacional de Investigaciones Científicas y Técnicas2025-09-29T10:44:06Zoai:ri.conicet.gov.ar:11336/155070instacron:CONICETInstitucionalhttp://ri.conicet.gov.ar/Organismo científico-tecnológicoNo correspondehttp://ri.conicet.gov.ar/oai/requestdasensio@conicet.gov.ar; lcarlino@conicet.gov.arArgentinaNo correspondeNo correspondeNo correspondeopendoar:34982025-09-29 10:44:06.856CONICET Digital (CONICET) - Consejo Nacional de Investigaciones Científicas y Técnicasfalse
dc.title.none.fl_str_mv A study on labeling network hostile behavior with Intelligent Interactive tools
title A study on labeling network hostile behavior with Intelligent Interactive tools
spellingShingle A study on labeling network hostile behavior with Intelligent Interactive tools
Guerra Torres, Jorge Luis
HUMAN-CENTERED COMPUTING
VISUALIZATION TECHNIQUES
LABELINGL
SEMI-SUPERVISED LEARNING
title_short A study on labeling network hostile behavior with Intelligent Interactive tools
title_full A study on labeling network hostile behavior with Intelligent Interactive tools
title_fullStr A study on labeling network hostile behavior with Intelligent Interactive tools
title_full_unstemmed A study on labeling network hostile behavior with Intelligent Interactive tools
title_sort A study on labeling network hostile behavior with Intelligent Interactive tools
dc.creator.none.fl_str_mv Guerra Torres, Jorge Luis
Veas, Eduardo Enrique
Catania, Carlos Adrian
author Guerra Torres, Jorge Luis
author_facet Guerra Torres, Jorge Luis
Veas, Eduardo Enrique
Catania, Carlos Adrian
author_role author
author2 Veas, Eduardo Enrique
Catania, Carlos Adrian
author2_role author
author
dc.contributor.none.fl_str_mv Guerra Torres, Jorge Luis
dc.subject.none.fl_str_mv HUMAN-CENTERED COMPUTING
VISUALIZATION TECHNIQUES
LABELINGL
SEMI-SUPERVISED LEARNING
topic HUMAN-CENTERED COMPUTING
VISUALIZATION TECHNIQUES
LABELINGL
SEMI-SUPERVISED LEARNING
purl_subject.fl_str_mv https://purl.org/becyt/ford/2.11
https://purl.org/becyt/ford/2
dc.description.none.fl_txt_mv Labeling a real network dataset is specially expensive in computersecurity, as an expert has to ponder several factors before assigningeach label. This paper describes an interactive intelligent systemto support the task of identifying hostile behaviors in network logs.The RiskID application uses visualizations to graphically encodefeatures of network connections and promote visual comparison. Inthe background, two algorithms are used to actively organize con-nections and predict potential labels: a recommendation algorithmand a semi-supervised learning strategy. These algorithms togetherwith interactive adaptions to the user interface constitute a behaviorrecommendation. A study is carried out to analyze how the algo-rithms for recommendation and prediction influence the workflowof labeling a dataset. The results of a study with 16 participantsindicate that the behaviour recommendation significantly improvesthe quality of labels. Analyzing interaction patterns, we identify amore intuitive workflow used when behaviour recommendation isavailable.
Fil: Guerra Torres, Jorge Luis. Universidad Nacional de Cuyo; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Mendoza; Argentina
Fil: Veas, Eduardo Enrique. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Mendoza; Argentina. Universidad Nacional de Cuyo; Argentina
Fil: Catania, Carlos Adrian. Universidad Nacional de Cuyo; Argentina
2019 IEEE Symposium on Visualization for Cyber Security
Vancouver
Canadá
Institute of Electrical and Electronics Engineers
description Labeling a real network dataset is specially expensive in computersecurity, as an expert has to ponder several factors before assigningeach label. This paper describes an interactive intelligent systemto support the task of identifying hostile behaviors in network logs.The RiskID application uses visualizations to graphically encodefeatures of network connections and promote visual comparison. Inthe background, two algorithms are used to actively organize con-nections and predict potential labels: a recommendation algorithmand a semi-supervised learning strategy. These algorithms togetherwith interactive adaptions to the user interface constitute a behaviorrecommendation. A study is carried out to analyze how the algo-rithms for recommendation and prediction influence the workflowof labeling a dataset. The results of a study with 16 participantsindicate that the behaviour recommendation significantly improvesthe quality of labels. Analyzing interaction patterns, we identify amore intuitive workflow used when behaviour recommendation isavailable.
publishDate 2020
dc.date.none.fl_str_mv 2020
dc.type.none.fl_str_mv info:eu-repo/semantics/publishedVersion
info:eu-repo/semantics/conferenceObject
Congreso
Journal
http://purl.org/coar/resource_type/c_5794
info:ar-repo/semantics/documentoDeConferencia
status_str publishedVersion
format conferenceObject
dc.identifier.none.fl_str_mv http://hdl.handle.net/11336/155070
A study on labeling network hostile behavior with Intelligent Interactive tools; 2019 IEEE Symposium on Visualization for Cyber Security; Vancouver; Canadá; 2019; 1-10
2639-4332
CONICET Digital
CONICET
url http://hdl.handle.net/11336/155070
identifier_str_mv A study on labeling network hostile behavior with Intelligent Interactive tools; 2019 IEEE Symposium on Visualization for Cyber Security; Vancouver; Canadá; 2019; 1-10
2639-4332
CONICET Digital
CONICET
dc.language.none.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv info:eu-repo/semantics/altIdentifier/url/https://ieeexplore.ieee.org/document/9161489
info:eu-repo/semantics/altIdentifier/doi/ 10.1109/VizSec48167.2019.9161489
info:eu-repo/semantics/altIdentifier/url/https://pure.tugraz.at/ws/portalfiles/portal/25160237/VizSec2019_4.pdf
https://www.youtube.com/watch?v=5MhjKygIaH0
dc.rights.none.fl_str_mv info:eu-repo/semantics/openAccess
https://creativecommons.org/licenses/by-nc-sa/2.5/ar/
eu_rights_str_mv openAccess
rights_invalid_str_mv https://creativecommons.org/licenses/by-nc-sa/2.5/ar/
dc.format.none.fl_str_mv application/pdf
application/pdf
dc.coverage.none.fl_str_mv Internacional
dc.publisher.none.fl_str_mv IEEE Canada
publisher.none.fl_str_mv IEEE Canada
dc.source.none.fl_str_mv reponame:CONICET Digital (CONICET)
instname:Consejo Nacional de Investigaciones Científicas y Técnicas
reponame_str CONICET Digital (CONICET)
collection CONICET Digital (CONICET)
instname_str Consejo Nacional de Investigaciones Científicas y Técnicas
repository.name.fl_str_mv CONICET Digital (CONICET) - Consejo Nacional de Investigaciones Científicas y Técnicas
repository.mail.fl_str_mv dasensio@conicet.gov.ar; lcarlino@conicet.gov.ar
_version_ 1844614477825179648
score 13.070432

Publicaciones similares