Practical Machine Learning for Cloud Intrusion Detection: Challenges and the Way Forward
Operationalizing machine learning based security detections is extremely challenging, especially in a continuously evolving cloud environment. Conventional anomaly detection does not produce satisfactory results for analysts that are investigating security incidents in the cloud. Model evaluation al...
Gespeichert in:
| Hauptverfasser: | , , |
|---|---|
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Kumar, Ram Shankar Siva Wicker, Andrew Swann, Matt |
| description | Operationalizing machine learning based security detections is extremely
challenging, especially in a continuously evolving cloud environment.
Conventional anomaly detection does not produce satisfactory results for
analysts that are investigating security incidents in the cloud. Model
evaluation alone presents its own set of problems due to a lack of benchmark
datasets. When deploying these detections, we must deal with model compliance,
localization, and data silo issues, among many others. We pose the problem of
"attack disruption" as a way forward in the security data science space. In
this paper, we describe the framework, challenges, and open questions
surrounding the successful operationalization of machine learning based
security detections in a cloud environment and provide some insights on how we
have addressed them. |
| doi_str_mv | 10.48550/arxiv.1709.07095 |
| format | Article |
| fullrecord | <record><control><sourceid>arxiv_GOX</sourceid><recordid>TN_cdi_arxiv_primary_1709_07095</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>1709_07095</sourcerecordid><originalsourceid>FETCH-LOGICAL-a675-863f762e7f47ebc88037261ceaaf2c26e8153280c84df05dc57a3f9e54a21093</originalsourceid><addsrcrecordid>eNotz81OwzAQBGBfOKDCA3BiXyDBP3HscEOBQqUgkFoJbtHirBtLwUFOCvTtKYXLzGU00sfYheB5YbXmV5i-w2cuDK9yfgh9yl6fE7o5OBzgEV0fIkFDmGKIW_BjgnoYdx2s4px2Uxgj3NJMh_0Yr6HucRgobmkCjB3MPcEL7mE5pi9M3Rk78ThMdP7fC7Ze3m3qh6x5ul_VN02GpdGZLZU3pSTjC0NvzlqujCyFI0QvnSzJCq2k5c4Wnee6c9qg8hXpAqXglVqwy7_Xo6z9SOEd0779FbZHofoBZjNLjw</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Practical Machine Learning for Cloud Intrusion Detection: Challenges and the Way Forward</title><source>arXiv.org</source><creator>Kumar, Ram Shankar Siva ; Wicker, Andrew ; Swann, Matt</creator><creatorcontrib>Kumar, Ram Shankar Siva ; Wicker, Andrew ; Swann, Matt</creatorcontrib><description>Operationalizing machine learning based security detections is extremely
challenging, especially in a continuously evolving cloud environment.
Conventional anomaly detection does not produce satisfactory results for
analysts that are investigating security incidents in the cloud. Model
evaluation alone presents its own set of problems due to a lack of benchmark
datasets. When deploying these detections, we must deal with model compliance,
localization, and data silo issues, among many others. We pose the problem of
"attack disruption" as a way forward in the security data science space. In
this paper, we describe the framework, challenges, and open questions
surrounding the successful operationalization of machine learning based
security detections in a cloud environment and provide some insights on how we
have addressed them.</description><identifier>DOI: 10.48550/arxiv.1709.07095</identifier><language>eng</language><subject>Computer Science - Artificial Intelligence ; Computer Science - Cryptography and Security</subject><creationdate>2017-09</creationdate><rights>http://arxiv.org/licenses/nonexclusive-distrib/1.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,780,885</link.rule.ids><linktorsrc>$$Uhttps://arxiv.org/abs/1709.07095$$EView_record_in_Cornell_University$$FView_record_in_$$GCornell_University$$Hfree_for_read</linktorsrc><backlink>$$Uhttps://doi.org/10.48550/arXiv.1709.07095$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Kumar, Ram Shankar Siva</creatorcontrib><creatorcontrib>Wicker, Andrew</creatorcontrib><creatorcontrib>Swann, Matt</creatorcontrib><title>Practical Machine Learning for Cloud Intrusion Detection: Challenges and the Way Forward</title><description>Operationalizing machine learning based security detections is extremely
challenging, especially in a continuously evolving cloud environment.
Conventional anomaly detection does not produce satisfactory results for
analysts that are investigating security incidents in the cloud. Model
evaluation alone presents its own set of problems due to a lack of benchmark
datasets. When deploying these detections, we must deal with model compliance,
localization, and data silo issues, among many others. We pose the problem of
"attack disruption" as a way forward in the security data science space. In
this paper, we describe the framework, challenges, and open questions
surrounding the successful operationalization of machine learning based
security detections in a cloud environment and provide some insights on how we
have addressed them.</description><subject>Computer Science - Artificial Intelligence</subject><subject>Computer Science - Cryptography and Security</subject><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2017</creationdate><recordtype>article</recordtype><sourceid>GOX</sourceid><recordid>eNotz81OwzAQBGBfOKDCA3BiXyDBP3HscEOBQqUgkFoJbtHirBtLwUFOCvTtKYXLzGU00sfYheB5YbXmV5i-w2cuDK9yfgh9yl6fE7o5OBzgEV0fIkFDmGKIW_BjgnoYdx2s4px2Uxgj3NJMh_0Yr6HucRgobmkCjB3MPcEL7mE5pi9M3Rk78ThMdP7fC7Ze3m3qh6x5ul_VN02GpdGZLZU3pSTjC0NvzlqujCyFI0QvnSzJCq2k5c4Wnee6c9qg8hXpAqXglVqwy7_Xo6z9SOEd0779FbZHofoBZjNLjw</recordid><startdate>20170920</startdate><enddate>20170920</enddate><creator>Kumar, Ram Shankar Siva</creator><creator>Wicker, Andrew</creator><creator>Swann, Matt</creator><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20170920</creationdate><title>Practical Machine Learning for Cloud Intrusion Detection: Challenges and the Way Forward</title><author>Kumar, Ram Shankar Siva ; Wicker, Andrew ; Swann, Matt</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a675-863f762e7f47ebc88037261ceaaf2c26e8153280c84df05dc57a3f9e54a21093</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2017</creationdate><topic>Computer Science - Artificial Intelligence</topic><topic>Computer Science - Cryptography and Security</topic><toplevel>online_resources</toplevel><creatorcontrib>Kumar, Ram Shankar Siva</creatorcontrib><creatorcontrib>Wicker, Andrew</creatorcontrib><creatorcontrib>Swann, Matt</creatorcontrib><collection>arXiv Computer Science</collection><collection>arXiv.org</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Kumar, Ram Shankar Siva</au><au>Wicker, Andrew</au><au>Swann, Matt</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Practical Machine Learning for Cloud Intrusion Detection: Challenges and the Way Forward</atitle><date>2017-09-20</date><risdate>2017</risdate><abstract>Operationalizing machine learning based security detections is extremely
challenging, especially in a continuously evolving cloud environment.
Conventional anomaly detection does not produce satisfactory results for
analysts that are investigating security incidents in the cloud. Model
evaluation alone presents its own set of problems due to a lack of benchmark
datasets. When deploying these detections, we must deal with model compliance,
localization, and data silo issues, among many others. We pose the problem of
"attack disruption" as a way forward in the security data science space. In
this paper, we describe the framework, challenges, and open questions
surrounding the successful operationalization of machine learning based
security detections in a cloud environment and provide some insights on how we
have addressed them.</abstract><doi>10.48550/arxiv.1709.07095</doi><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | DOI: 10.48550/arxiv.1709.07095 |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_arxiv_primary_1709_07095 |
| source | arXiv.org |
| subjects | Computer Science - Artificial Intelligence Computer Science - Cryptography and Security |
| title | Practical Machine Learning for Cloud Intrusion Detection: Challenges and the Way Forward |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-27T15%3A25%3A27IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Practical%20Machine%20Learning%20for%20Cloud%20Intrusion%20Detection:%20Challenges%20and%20the%20Way%20Forward&rft.au=Kumar,%20Ram%20Shankar%20Siva&rft.date=2017-09-20&rft_id=info:doi/10.48550/arxiv.1709.07095&rft_dat=%3Carxiv_GOX%3E1709_07095%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |