Towards trustworthy cybersecurity operations using Bayesian Deep Learning to improve uncertainty quantification of anomaly detection

Bibliographic details
Published in: Computers & security, Vol. 144; p. 103909
Main authors: Yang, Tengfei; Qiao, Yuansong; Lee, Brian
Format: Journal Article
Language: English
Published: Elsevier Ltd 01.09.2024
ISSN:0167-4048
Description
Summary: Uncertainty quantification of cybersecurity anomaly detection results provides critical guidance for decision makers on whether or not to accept the results. Improving the trustworthiness of anomaly predictions can reduce the amount of alert false positives that security teams have to process. In this work we investigate the use of Bayesian Autoencoder (BAE) models for uncertainty quantification in anomaly detection. A novel heteroscedastic aleatoric uncertainty modelling method is explored that jointly considers aleatoric and epistemic uncertainty. Heteroscedastic aleatoric uncertainty is modelled on the latent layer of the BAE and further explored through considering the variational lower bound. An uncertainty quantification framework for cybersecurity is designed and verified on UNSW-NB15 and CIC-IDS-2017 data sets. This research enhances the modelling of uncertainty in the BAE model and expands its application in cybersecurity.
DOI:10.1016/j.cose.2024.103909