A p2p environment to validate ensemble-based approaches in the cybersecurity domain
Francesco Folino;Gianluigi Folino;Luigi Pontieri
2020
Abstract
The main techniques for preventing cybersecurity attacks are based on the analysis of application/system logs stored in a host or in another device and on the analysis of network traffic data. In order to improve the accuracy and the stability of many classical approaches, the ensemble paradigm is successfully used to combine different techniques. However, as these problems are hard to cope with and usually require analyzing large and fast streams of data, different types of ensemble (and of base algorithms composing the ensemble) should be experimented with and, in addition, a distributed architecture should be employed to reduce the high execution times necessary to run them. In order to handle all these issues, a p2p environment to validate ensemble-based approaches in the cybersecurity domain is proposed in this paper. Two case studies are analyzed by using this framework, and the preliminary scalability results demonstrate that the approach is suited to this aim.

File | Size | Format
---|---|---
PDP20.pdf (authorized users only; type: Publisher's version (PDF); license: not public, private/restricted access) | 295.59 kB | Adobe PDF
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.