Runtime security monitoring by an interplay between rule matching and deep learning-based anomaly detection on logs.
Jan Antic, João Pita Costa, Ales Cernivec, Matija Cankar, Tomaz Martincic, Aljaz Potocnik, Gorka Benguria Elguezabal, Nelly Leligou, Ismael Torres Boigues
Published in: DRCN (2023)
Keyphrases
- anomaly detection
- deep learning
- intrusion detection
- unsupervised learning
- computer security
- network security
- detect anomalies
- anomalous behavior
- detecting anomalies
- network traffic
- malware detection
- intrusion detection system
- information security
- network intrusion detection
- mental models
- feature selection
- machine learning
- one class support vector machines
- feature space
- network anomaly detection
- intrusion prevention
- weakly supervised
- decision support
- multi class
- knowledge discovery
- learning strategies
- normal behavior
- high dimensional
- object recognition
- information retrieval