Rule-based intrusion detection systems (IDS) are being replaced by more robust neural IDS, which show great potential in cybersecurity. However, these ML approaches still rely on ad-hoc feature engineering, which cannot vectorize inputs in ways that are fully relevant to discovering anomalous cyber activity. We propose a deep end-to-end framework with NLP-inspired components for identifying potentially malicious behaviors on enterprise computer networks, and we demonstrate its efficacy on the recently released DARPA OpTC data set.
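To make the "event stream as text" idea concrete, the following is an added example, not the paper's code or framework: endpoint records are tokenized, a smoothed bigram language model is fitted on benign sessions, and a new session is scored by its perplexity under that model, alongside the kind of order-blind count vector the abstract criticises. The bigram model stands in for the deep NLP-inspired components the abstract describes; the record field names (object, action, properties, image_path, dest_port) follow the DARPA OpTC eCAR layout only as an assumption, and every record below is constructed.

```python
"""Added example (not the paper's code): treating an endpoint event stream as
text. Events are tokenized, a bigram language model is fitted on benign
sessions, and a session is scored by its perplexity under that model. Field
names follow the DARPA OpTC eCAR layout only as an assumption; all records
below are constructed."""
import math
import ntpath
from collections import Counter


def proc(host, image_path):
    """Constructed PROCESS START record (eCAR-like field names assumed)."""
    return {"hostname": host, "object": "PROCESS", "action": "START",
            "properties": {"image_path": image_path}}


def flow(host, dest_port):
    """Constructed outbound FLOW START record (eCAR-like field names assumed)."""
    return {"hostname": host, "object": "FLOW", "action": "START",
            "properties": {"dest_port": dest_port}}


def tokenize(event):
    """One record -> one token. Image paths are reduced to a lowercase
    basename so the vocabulary stays small; what the model then learns is
    the sequence structure (which event tends to follow which)."""
    props = event.get("properties", {})
    if event["object"] == "PROCESS":
        name = ntpath.basename(props.get("image_path", "")).lower()
        return f"PROCESS:{event['action']}:{name}"
    if event["object"] == "FLOW":
        return f"FLOW:{event['action']}:{props.get('dest_port', '?')}"
    return f"{event['object']}:{event['action']}"


class BigramModel:
    """Add-k smoothed bigram language model over event tokens."""
    BOS, EOS, UNK = "<s>", "</s>", "<unk>"

    def __init__(self, k=0.5):
        self.k = k
        self.context = Counter()   # how often a token is followed by anything
        self.bigrams = Counter()   # (token, next token) counts
        self.vocab = {self.BOS, self.EOS, self.UNK}

    def fit(self, token_sequences):
        for seq in token_sequences:
            toks = [self.BOS] + list(seq) + [self.EOS]
            self.vocab.update(toks)
            for a, b in zip(toks, toks[1:]):
                self.context[a] += 1
                self.bigrams[(a, b)] += 1
        return self

    def prob(self, a, b):
        v = len(self.vocab)
        return (self.bigrams[(a, b)] + self.k) / (self.context[a] + self.k * v)

    def perplexity(self, seq):
        """Higher perplexity = less like the benign training sessions.
        Unseen tokens are mapped to <unk> rather than silently dropped."""
        toks = [self.BOS] + [t if t in self.vocab else self.UNK for t in seq] + [self.EOS]
        logp = sum(math.log(self.prob(a, b)) for a, b in zip(toks, toks[1:]))
        return math.exp(-logp / (len(toks) - 1))


def _session(host, steps):
    """Constructed session: str = process image basename, int = destination port."""
    return [proc(host, "C:\\Apps\\" + s) if isinstance(s, str) else flow(host, s)
            for s in steps]


BENIGN_SESSIONS = [  # constructed "normal workstation" sessions
    _session("ws01", ["explorer.exe", "outlook.exe", 443, "winword.exe", 443, "chrome.exe", 443, 80]),
    _session("ws02", ["explorer.exe", "chrome.exe", 443, 80, "outlook.exe", 443, "winword.exe"]),
    _session("ws03", ["explorer.exe", "winword.exe", "outlook.exe", 443, "chrome.exe", 80, 443]),
]
TEST_BENIGN = _session("ws04", ["explorer.exe", "chrome.exe", 443, "outlook.exe", 443, "winword.exe", 443])
# Constructed: an office document spawning a shell, then an unusual outbound port.
TEST_SUSPICIOUS = _session("ws05", ["explorer.exe", "outlook.exe", "winword.exe",
                                    "cmd.exe", "powershell.exe", 4444])


def count_features(events):
    """The ad-hoc, order-blind feature vector the abstract argues against:
    (number of process starts, number of flows)."""
    c = Counter(e["object"] for e in events)
    return (c["PROCESS"], c["FLOW"])


def demo():
    """Fit on benign sessions and score both test sessions; returns perplexities."""
    model = BigramModel().fit([[tokenize(e) for e in s] for s in BENIGN_SESSIONS])
    return {name: round(model.perplexity([tokenize(e) for e in s]), 2)
            for name, s in [("benign", TEST_BENIGN), ("suspicious", TEST_SUSPICIOUS)]}


if __name__ == "__main__":
    print(demo())
```

The count vector sees the two test sessions as roughly similar bags of process and flow events; the sequence model separates them because the shell-spawning transitions and the port 4444 flow never occur in benign training data. A real deployment would replace the bigram model with a learned embedding and sequence encoder and would set the anomaly threshold from the perplexity distribution of held-out benign sessions rather than by eye.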