FLAGS: A methodology for adaptive anomaly detection and root cause analysis on sensor data streams by fusing expert knowledge with machine learning

Steenwinckel, Bram; Paepe, Dieter De; Hautte, Sander Vanden; Heyvaert, Pieter; Bentefrit, Mohamed; Moens, Pieter; Dimou, Anastasia; Bossche, Bruno Van Den; Turck, Filip De; Hoecke, Sofie Van; Ongenae, Femke

doi:10.1016/j.future.2020.10.015

Cited by 62 publications

(51 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Researchers have proposed means to reduce misclassifications involving threat context computation [4] and intrusion root cause analysis [8]. However, such works employ ontological techniques [7] that are computation-heavy [1] and provide no information on the decentralization of policies, affecting the real-time performance of HetIoT-NIDPS especially during big data processing.…”

Section: Related Workmentioning

confidence: 99%

“…The dynamic contexts in a HetIoT adversely affect the context unaware low-level statistical inferences of ID algorithms. Thus, reinforcing them with the extracted high-level behavioral descriptions improves network redesign that is context-aware and resistant to frequent security compromises, benefitting from the interpretability of knowledge-driven specification and the adaptability of data-driven detection [1]. To achieve this, we propose an EK framework.…”

Section: Correlated Evaluation Frameworkmentioning

confidence: 99%

“…H ETEROGENEOUS networks that offer ad hoc networklike flexibility and IoT network-like connectivity are suitable for ubiquitous computing and proliferating content consumption in critical applications across domestic and industrial space [1]- [3]. Such networks are called heterogeneous IoT (or HetIoT) [5].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Expert Knowledge Correlated Evaluation of Intrusion Detection System in Heterogeneous IoT

Nitish¹,

J²,

Prakash³

et al. 2021

Preprint

View full text Add to dashboard Cite

<div>The dynamic heterogeneous IoT contexts adversely affect the performance of learning-based network intrusion detection and prevention systems resulting in increased misclassification rates—necessitating an expert knowledge correlated evaluation framework. The proposed framework includes intrusion root cause analysis and a correlation model that can be generalized over any network intrusion dataset, corresponding expert knowledge, detection technique, and learning-based algorithm. The experimentations prove the robustness of the propounded</div><div>framework on imbalanced datasets.</div>

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Correlated Evaluation Frameworkmentioning

confidence: 99%

See 1 more Smart Citation

Expert Knowledge Correlated Evaluation of Intrusion Detection System in Heterogeneous IoT

Nitish¹,

J²,

Prakash³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…The existing NIDPS policies for heterogeneous networks [1], [3], [4] suffer from high misclassification rates due to context-unaware traffic processing by learning-based algorithms, adversely affecting the HetIoT performance.…”

Section: Related Workmentioning

confidence: 99%

“…Learning-based network intrusion detection systems (NIDS) for such HetIoT infrastructures suffer from high misclassification rates [1], [8] due to context-unaware statistical evaluation of (machine or deep) learning-based algorithms as HetIoT involves dynamic contexts. Such dynamic scenarios necessitate reinforcing an expert knowledge (EK) framework for context-aware decision-making and minimizing false alerts [2], [4], [6], [7] to avoid high recovery costs due to failure.…”

Section: Introductionmentioning

confidence: 99%

Expert Knowledge Correlated Intrusion Detection System Evaluation Framework for Heterogeneous IoT

Nitish¹,

J²,

Prakash³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

Overview of Artificial Intelligence and Machine Learning

Zincir-Heywood¹,

Mellia²,

Diao³

2021

Communication Networks and Service Management in the Era of Artificial Intelligence and Machine Learning

View full text Add to dashboard Cite

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002. Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic formats. For more information about Wiley products, visit our web site at www.wiley.com.

show abstract

FLAGS: A methodology for adaptive anomaly detection and root cause analysis on sensor data streams by fusing expert knowledge with machine learning

Cited by 62 publications

References 26 publications

Expert Knowledge Correlated Evaluation of Intrusion Detection System in Heterogeneous IoT

Expert Knowledge Correlated Evaluation of Intrusion Detection System in Heterogeneous IoT

Expert Knowledge Correlated Intrusion Detection System Evaluation Framework for Heterogeneous IoT

Overview of Artificial Intelligence and Machine Learning

Contact Info

Product

Resources

About