Active learning for network intrusion detection

Research output: Contributions to collected editions/works; Article in conference proceedings; Research; peer-review

Standard

Active learning for network intrusion detection. / Görnitz, Nico; Kloft, Marius; Rieck, Konrad et al.
AISec '09: Proceedings of the ACM Conference on Computer and Communications Security. ed. / Dirk Balfanz; Jessica Staddon. New York: Association for Computing Machinery, Inc, 2009. p. 47-54.

Harvard

Görnitz, N, Kloft, M, Rieck, K & Brefeld, U 2009, Active learning for network intrusion detection. in D Balfanz & J Staddon (eds), AISec '09: Proceedings of the ACM Conference on Computer and Communications Security. Association for Computing Machinery, Inc, New York, pp. 47-54, 2nd ACM Workshop on Security and Artificial Intelligence, AISec '09, Co-located with the 16th ACM Computer and Communications Security Conference, Chicago, United States, 09.11.09. https://doi.org/10.1145/1654988.1655002

APA

Görnitz, N., Kloft, M., Rieck, K., & Brefeld, U. (2009). Active learning for network intrusion detection. In D. Balfanz, & J. Staddon (Eds.), AISec '09: Proceedings of the ACM Conference on Computer and Communications Security (pp. 47-54). Association for Computing Machinery, Inc. https://doi.org/10.1145/1654988.1655002

Vancouver

Görnitz N, Kloft M, Rieck K, Brefeld U. Active learning for network intrusion detection. In Balfanz D, Staddon J, editors, AISec '09: Proceedings of the ACM Conference on Computer and Communications Security. New York: Association for Computing Machinery, Inc. 2009. p. 47-54 doi: 10.1145/1654988.1655002

Bibtex

@inbook{7b99007d947e499ca831a3484b8a2c28,
title = "Active learning for network intrusion detection",
abstract = "Anomaly detection for network intrusion detection is usually considered an unsupervised task. Prominent techniques, such as one-class support vector machines, learn a hypersphere enclosing network data, mapped to a vector space, such that points outside of the ball are considered anomalous. However, this setup ignores relevant information such as expert and background knowledge. In this paper, we rephrase anomaly detection as an active learning task. We propose an effective active learning strategy to query low-confidence observations and to expand the data basis with minimal labeling effort. Our empirical evaluation on network intrusion detection shows that our approach consistently outperforms existing methods in relevant scenarios.",
keywords = "Informatics, Active learning, Anomaly detection, Intrusion detection, Machine learning, Network security, Support vector data description, Business informatics",
author = "Nico G{\"o}rnitz and Marius Kloft and Konrad Rieck and Ulf Brefeld",
year = "2009",
month = nov,
day = "9",
doi = "10.1145/1654988.1655002",
language = "English",
isbn = "978-1-60558-781-3",
pages = "47--54",
editor = "Dirk Balfanz and Jessica Staddon",
booktitle = "AISec '09",
publisher = "Association for Computing Machinery, Inc",
address = "United States",
note = "2nd ACM Workshop on Security and Artificial Intelligence, AISec '09, Co-located with the 16th ACM Computer and Communications Security Conference ; Conference date: 09-11-2009 Through 13-11-2009",

}

RIS

TY - CHAP

T1 - Active learning for network intrusion detection

AU - Görnitz, Nico

AU - Kloft, Marius

AU - Rieck, Konrad

AU - Brefeld, Ulf

N1 - Conference code: 2

PY - 2009/11/9

Y1 - 2009/11/9

N2 - Anomaly detection for network intrusion detection is usually considered an unsupervised task. Prominent techniques, such as one-class support vector machines, learn a hypersphere enclosing network data, mapped to a vector space, such that points outside of the ball are considered anomalous. However, this setup ignores relevant information such as expert and background knowledge. In this paper, we rephrase anomaly detection as an active learning task. We propose an effective active learning strategy to query low-confidence observations and to expand the data basis with minimal labeling effort. Our empirical evaluation on network intrusion detection shows that our approach consistently outperforms existing methods in relevant scenarios.

AB - Anomaly detection for network intrusion detection is usually considered an unsupervised task. Prominent techniques, such as one-class support vector machines, learn a hypersphere enclosing network data, mapped to a vector space, such that points outside of the ball are considered anomalous. However, this setup ignores relevant information such as expert and background knowledge. In this paper, we rephrase anomaly detection as an active learning task. We propose an effective active learning strategy to query low-confidence observations and to expand the data basis with minimal labeling effort. Our empirical evaluation on network intrusion detection shows that our approach consistently outperforms existing methods in relevant scenarios.

KW - Informatics

KW - Active learning

KW - Anomaly detection

KW - Intrusion detection

KW - Machine learning

KW - Network security

KW - Support vector data description

KW - Business informatics

U2 - 10.1145/1654988.1655002

DO - 10.1145/1654988.1655002

M3 - Article in conference proceedings

AN - SCOPUS:74049088533

SN - 978-1-60558-781-3

SP - 47

EP - 54

BT - AISec '09

A2 - Balfanz, Dirk

A2 - Staddon, Jessica

PB - Association for Computing Machinery, Inc

CY - New York

T2 - 2nd ACM Workshop on Security and Artificial Intelligence, AISec '09, Co-located with the 16th ACM Computer and Communications Security Conference

Y2 - 9 November 2009 through 13 November 2009

ER -
