A Study on Labeling Network Hostile Behavior with Intelligent Interactive Tools

Jorge Guerra Torres, Eduardo Enrique Veas, Carlos Adrián Catania

Publikation: KonferenzbeitragPaper


Labeling a real network dataset is specially expensive in computer security, as an expert has to ponder several factors before assigning each label. This paper describes an interactive intelligent system to support the task of identifying hostile behavior in network logs. The RiskID application uses visualizations to graphically encode features of network connections and promote visual comparison. In the background, two algorithms are used to actively organize con- nections and predict potential labels: a recommendation algorithm and a semi-supervised learning strategy. These algorithms together with interactive adaptions to the user interface constitute a behavior recommendation. A study is carried out to analyze how the algo- rithms for recommendation and prediction influence the workflow of labeling a dataset. The results of a study with 16 participants indicate that the behaviour recommendation significantly improves the quality of labels. Analyzing interaction patterns, we identify a more intuitive workflow used when behaviour recommendation is available.
PublikationsstatusVeröffentlicht - 2019
VeranstaltungIEEE Symposium on Visualization for Cyber Security - Vancouver, Kanada
Dauer: 20 Okt 201925 Okt 2019


KonferenzIEEE Symposium on Visualization for Cyber Security


Untersuchen Sie die Forschungsthemen von „A Study on Labeling Network Hostile Behavior with Intelligent Interactive Tools“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren