ILAB: An Interactive Labelling Strategy for Intrusion Detection

Anaël Beaugnon 1, 2, 3 Pierre Chifflier 1 Francis Bach 2, 3
3 SIERRA - Statistical Machine Learning and Parsimony
DI-ENS - Département d'informatique de l'École normale supérieure, CNRS - Centre National de la Recherche Scientifique, Inria de Paris
Abstract : Acquiring a representative labelled dataset is a hurdle that has to be overcome to learn a supervised detection model. Labelling a dataset is particularly expensive in computer security as expert knowledge is required to perform the annotations. In this paper, we introduce ILAB, a novel interactive labelling strategy that helps experts label large datasets for intrusion detection with a reduced workload. First, we compare ILAB with two state-of-the-art labelling strategies on public labelled datasets and demonstrate it is both an effective and a scalable solution. Second, we show ILAB is workable with a real-world annotation project carried out on a large unlabelled NetFlow dataset originating from a production environment. We provide an open source implementation (https://github.com/ANSSI-FR/SecuML/) to allow security experts to label their own datasets and researchers to compare labelling strategies.
Type de document :
Communication dans un congrès
RAID 2017: Research in Attacks, Intrusions and Defenses, Sep 2017, Atlanta, United States
Liste complète des métadonnées

Littérature citée [47 références]  Voir  Masquer  Télécharger

https://hal.archives-ouvertes.fr/hal-01636299
Contributeur : Anaël Beaugnon <>
Soumis le : jeudi 16 novembre 2017 - 13:58:46
Dernière modification le : jeudi 26 avril 2018 - 10:29:12
Document(s) archivé(s) le : samedi 17 février 2018 - 15:33:39

Fichier

ilab_beaugnonchifflierbach_rai...
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01636299, version 1

Collections

Citation

Anaël Beaugnon, Pierre Chifflier, Francis Bach. ILAB: An Interactive Labelling Strategy for Intrusion Detection. RAID 2017: Research in Attacks, Intrusions and Defenses, Sep 2017, Atlanta, United States. 〈hal-01636299〉

Partager

Métriques

Consultations de la notice

154

Téléchargements de fichiers

54