Explanations of unsupervised learning clustering applied to data security analysis

Producció científica: Article en revista indexadaArticleAvaluat per experts

20 Cites (Scopus)

Resum

Network security tests should be periodically conducted to detect vulnerabilities before they are exploited. However, analysis of testing results is resource intensive with many data and requires expertise because it is an unsupervised domain. This paper presents how to automate and improve this analysis through the identification and explanation of device groups with similar vulnerabilities. Clustering is used for discovering hidden patterns and abnormal behaviors. Self-organizing maps are preferred due to their soft computing capabilities. Explanations based on anti-unification give comprehensive descriptions of clustering results to analysts. This approach is integrated in Consensus, a computer-aided system to detect network vulnerabilities.

Idioma originalAnglès
Pàgines (de-a)2754-2762
Nombre de pàgines9
RevistaNeurocomputing
Volum72
Número13-15
DOIs
Estat de la publicacióPublicada - d’ag. 2009

Fingerprint

Navegar pels temes de recerca de 'Explanations of unsupervised learning clustering applied to data security analysis'. Junts formen un fingerprint únic.

Com citar-ho