Towards trustworthy cybersecurity operations using Bayesian Deep Learning to improve uncertainty quantification of anomaly detection

Bibliographic Details
Published in: Computers & security Vol. 144; p. 103909
Main Authors: Yang, Tengfei, Qiao, Yuansong, Lee, Brian
Format: Journal Article
Language: English
Published: Elsevier Ltd 01.09.2024
ISSN: 0167-4048
Description
Summary: Uncertainty quantification of cybersecurity anomaly detection results provides critical guidance for decision makers on whether or not to accept the results. Improving the trustworthiness of anomaly predictions can reduce the amount of alert false positives that security teams have to process. In this work we investigate the use of Bayesian Autoencoder (BAE) models for uncertainty quantification in anomaly detection. A novel heteroscedastic aleatoric uncertainty modelling method is explored that jointly considers aleatoric and epistemic uncertainty. Heteroscedastic aleatoric uncertainty is modelled on the latent layer of the BAE and further explored through considering the variational lower bound. An uncertainty quantification framework for cybersecurity is designed and verified on UNSW-NB15 and CIC-IDS-2017 data sets. This research enhances the modelling of uncertainty in the BAE model and expands its application in cybersecurity.
DOI: 10.1016/j.cose.2024.103909