Semi-supervised Multivariate Statistical Network Monitoring for Learning Security Threats

Jose Camacho, Gabriel Macia-Fernandez, Noemi Marta Fuentes-Garcia, Edoardo Saccenti
2019 IEEE Transactions on Information Forensics and Security  
This paper presents a semi-supervised approach for intrusion detection. The method extends the unsupervised Multivariate Statistical Network Monitoring approach based on Principal Component Analysis by introducing a supervised optimization technique to learn the optimum scaling in the input data. It inherits the advantages of the unsupervised strategy, capable of uncovering new threats, with that of supervised strategies, able of learning the pattern of a targeted threat. The supervised
more » ... is based on an extension of the gradient descent method based on Partial Least Squares (PLS). Moreover, we enhance this method by using sparse PLS variants. The practical application of the system is demonstrated on a recently published real case study, showing relevant improvements in detection performance and in the interpretation of the attacks.
doi:10.1109/tifs.2019.2894358 fatcat:2a7oxvm6d5chvkxqkduvqahife