Abel Yeboah-Ofori, Umar Mukhtar Ismail, Tymoteusz Swidurski, F. Opoku-Boateng
2021 International Conference on Computing, Computational Modelling and Applications (ICCMA), published 2021-07-01. DOI: 10.1109/ICCMA53594.2021.00020 (https://doi.org/10.1109/ICCMA53594.2021.00020)
Cyber Threat Ontology and Adversarial Machine Learning Attacks: Analysis and Prediction Perturbance
Machine learning has been used in the cybersecurity domain to predict cyberattack trends. However, adversaries can inject malicious data into the dataset during training and testing to cause perturbance and predict false narratives. It has become challenging to analyse and predict cyberattack correlations due to their fuzzy nature and lack of understanding of the threat landscape. Thus, it is imperative to use cyber threat ontology (CTO) concepts to extract relevant attack instances in CSC security for knowledge representation. This paper explores the challenges of CTO and adversarial machine learning (AML) attacks for threat prediction to improve cybersecurity. The novel contributions are threefold. First, CTO concepts are considered for semantic mapping and definition of relationships for explicit knowledge of threat indicators. Secondly, AML techniques are deployed maliciously to manipulate algorithms during training and testing to predict false classification models. Finally, we discuss the performance analysis of the classification models and how CTO provides automated means. The result shows that analysis of AML attacks and CTO concepts could be used for validating a mediated schema for specific vulnerabilities.