1. //
  2. Start
  3. //
  4. Publications
  5. //
  6. Active learning for network intrusion de...
  7. //

Active learning for network intrusion detection

Research output: Contributions to collected editions/worksArticle in conference proceedingsResearchpeer-review

Authors

Anomaly detection for network intrusion detection is usually considered an unsupervised task. Prominent techniques, such as one-class support vector machines, learn a hypersphere enclosing network data, mapped to a vector space, such that points outside of the ball are considered anomalous. However, this setup ignores relevant information such as expert and background knowledge. In this paper, we rephrase anomaly detection as an active learning task. We propose an effective active learning strategy to query low-confidence observations and to expand the data basis with minimal labeling effort. Our empirical evaluation on network intrusion detection shows that our approach consistently outperforms existing methods in relevant scenarios.

Original languageEnglish
Title of host publicationAISec '09 : Proceedings of the ACM Conference on Computer and Communications Security
EditorsDirk Balfanz, Jessica Staddon
Number of pages8
Place of PublicationNew York
PublisherAssociation for Computing Machinery, Inc
Publication date09.11.2009
Pages47-54
ISBN (print)978-1-60558-781-3
DOIs
Publication statusPublished - 09.11.2009
Externally publishedYes
Event2nd ACM Workshop on Security and Artificial Intelligence, AISec '09, Co-located with the 16th ACM Computer and Communications Security Conference - Chicago, United States
Duration: 09.11.200913.11.2009
Conference number: 2

    Research areas

  • Informatics - Active learning, Anomaly detection, Intrusion detection, Machine learning, Network security, Support vector data description
  • Business informatics

Other publications by the same author(s)

Interactive sequential generative models for team sports

Fassmeyer, D., Cordes, M. & Brefeld, U., 02.2025, In: Machine Learning. 114, 2, 15 p., 38.

Research output: Journal contributionsJournal articlesResearchpeer-review

Joint Item Response Models for Manual and Automatic Scores on Open-Ended Test Items

Bengs, D., Brefeld, U., Kroehne, U. & Zehner, F., 2025, (Accepted/In press) In: Psychometrika.

Research output: Journal contributionsJournal articlesResearchpeer-review

Machine Learning and Data Mining for Sports Analytics: 11th International Workshop, MLSA 2024, Vilnius, Lithuania, September 9, 2024, Revised Selected Papers

Brefeld, U. (Editor), Davis, J. (Editor), Van Haaren, J. (Editor) & Zimmermann, A. (Editor), 2025, Cham: Springer Verlag. 119 p. (Communications in Computer and Information Science; vol. 2460)

Research output: Books and anthologiesConference proceedingsResearch

Masked autoencoder for multiagent trajectories

Rudolph, Y. & Brefeld, U., 02.2025, In: Machine Learning. 114, 2, 18 p., 44.

Research output: Journal contributionsJournal articlesResearchpeer-review

Self-improvement for Computerized Adaptive Testing

Rudolph, Y., Neubauer, K. & Brefeld, U., 2026, Machine Learning and Knowledge Discovery in Databases - Research Track: European Conference, ECML PKDD 2025, Porto, Portugal, September 15–19, 2025, Proceedings. Ribeiro, R. P., Jorge, A. M., Soares, C., Gama, J., Pfahringer, B., Japkowicz, N., Larrañaga, P. & Abreu, P. H. (eds.). Cham: Springer International Publishing, Vol. 2. p. 70-86 17 p. (Lecture Notes in Computer Science; vol. 16014 LNCS).

Research output: Contributions to collected editions/worksArticle in conference proceedingsResearchpeer-review

DOI

Recently viewed

Activities

  1. Is a better understanding of assembly a way to help reassemble communities for restoration?
  2. Employer Longevity Readiness Index Workshop: Session 2: How do you build a longevity readiness Index?
  3. Modelling biodegradability based on OECD 301D data for the design of mineralising ionic liquids
  4. Field Experimentation in Governance Research. Early insights from researching the effectiveness of public participation in implementing the EU Floods Directive
  5. Performing Contracts: BDSM, Performance Art and Aesthetics of Complexity
  6. “Corruption and Trust: A Model Design”
  7. Learning and Re-learning in Chat-based CSCL: The Impact of Individual Learning Strategies
  8. Development of a temperature controlled weathering test box to evaluate the life cycle behaviour of interior automotive components
  9. Bridges or blocks: How objects cross or enact boundaries in interorganizational teams
  10. Curating Diversity in Global Performance Art
  11. Reforming from Within : Lessons of Institutional Transformation in a Climate of Systemic Change
  12. Computer Simulation as media of knowledge production in the practice of quantum theory
  13. Predicting Performance And Motivation In Teacher Education – The Role Of Opportunities To Learn, Intrinsic Needs And Perceived Self-efficacy
  14. Migrations of Knowledge - Migknow 2014

Publications

  1. Global Finite-Time Stabilization of Planar Linear Systems With Actuator Saturation
  2. Complexity of traffic scenes and EEG-measures of processing workload in car driving
  3. Embarrassment as a public vs. private emotion and symbolic coping behaviour
  4. The Creation of the Concept through the Interaction of Philosophy with Science and Art
  5. Strategies of postural control in static and in dynamic testing situations
  6. Design of an Information-Based Distributed Production Planning System
  7. Topic selection and development in learner-native speaker voice-based telecollaborative discourse
  8. Transductive support vector machines for structured variables
  9. Holistic and scalable ranking of RDF data
  10. Employing A-B tests for optimizing prices levels in e-commerce applications
  11. Learning shortest paths in word graphs
  12. Measuring Learning Styles with Questionnaires Versus Direct Observation of Preferential Choice Behavior in Authentic Learning Situations
  13. Performance of process-based models for simulation of grain N in crop rotations across Europe
  14. Conjunctive cohesion in English language EU documents - A corpus-based analysis and its implications
  15. “Ideation is Fine, but Execution is Key”
  16. Effectiveness of a Web-Based Cognitive Behavioural Intervention for Subthreshold Depression
  17. Overcoming Multi-legacy Application Challenges through Building Dynamic Capabilities for Low-Code Adoption
  18. E-stability and stability of adaptive learning in models with private information
  19. Discourse, practice, policy and organizing
  20. Developing a sustainable platform for entity annotation benchmarks