Ensembling to improve infected hosts detection
- Authors: Venosa, Paula; García, Sebastián; Díaz, Francisco Javier
- Year of publication: 2019
- Language: English
- Resource type: conference paper
- Status: published version
- Description: In this paper we describe the main ensemble learning techniques and their application in cybersecurity threat detection. The state of the art in the use of ensemble learning techniques is presented here as an alternative to the current intrusion detection mechanisms, analyzing their advantages and disadvantages. We propose to incorporate ensemble learning into SLIPS [3], a behavioral-based intrusion detection and prevention system that uses machine learning algorithms to detect malicious behaviors, to obtain better results, taking advantage of the benefits of the SLIPS classifiers and modules. As part of this work we extend ensembling by considering algorithms from different domains (not machine learning domains), such as Threat Intelligence. As a first stage of this project, performance tests of ensemble learning algorithms were performed to detect malware from flows, evaluating their accuracy. The results of these tests are presented here, as well as the conclusions obtained and the future work.
  VIII Workshop Seguridad informática.
  Red de Universidades con Carreras en Informática
- Subject: Computer Science; Ensemble learning; Cybersecurity; Malware / spyware crime; Intrusion detection systems
- Access level: open access
- Terms of use: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Repository
- Institution: Universidad Nacional de La Plata
- OAI identifier: oai:sedici.unlp.edu.ar:10915/90565
Full record metadata

id | SEDICI_3029e5cfcb65a99ad5fb623971798123 |
---|---|
oai_identifier_str | oai:sedici.unlp.edu.ar:10915/90565 |
network_acronym_str | SEDICI |
repository_id_str | 1329 |
network_name_str | SEDICI (UNLP) |
publishDate | 2019 |
dc.date.none.fl_str_mv | 2019-10 |
dc.type.none.fl_str_mv | info:eu-repo/semantics/conferenceObject info:eu-repo/semantics/publishedVersion Objeto de conferencia http://purl.org/coar/resource_type/c_5794 info:ar-repo/semantics/documentoDeConferencia |
format | conferenceObject |
status_str | publishedVersion |
dc.identifier.none.fl_str_mv | http://sedici.unlp.edu.ar/handle/10915/90565 |
url | http://sedici.unlp.edu.ar/handle/10915/90565 |
dc.language.none.fl_str_mv | eng |
language | eng |
dc.relation.none.fl_str_mv | info:eu-repo/semantics/altIdentifier/isbn/978-987-688-377-1 info:eu-repo/semantics/reference/hdl/10915/90359 |
dc.rights.none.fl_str_mv | info:eu-repo/semantics/openAccess http://creativecommons.org/licenses/by-nc-sa/4.0/ Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) |
eu_rights_str_mv | openAccess |
rights_invalid_str_mv | http://creativecommons.org/licenses/by-nc-sa/4.0/ Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) |
dc.format.none.fl_str_mv | application/pdf 1251-1260 |
dc.source.none.fl_str_mv | reponame:SEDICI (UNLP) instname:Universidad Nacional de La Plata instacron:UNLP |
reponame_str | SEDICI (UNLP) |
collection | SEDICI (UNLP) |
instname_str | Universidad Nacional de La Plata |
instacron_str | UNLP |
institution | UNLP |
repository.name.fl_str_mv | SEDICI (UNLP) - Universidad Nacional de La Plata |
repository.mail.fl_str_mv | alira@sedici.unlp.edu.ar |
_version_ | 1844616059844296704 |
score | 13.070432 |