Hinting to Improve Classification Performance

Document Type

Thesis

Degree Name

Master of Science (MS)

Department

<--Please Select Department-->

Date of Award

Summer 2020

Abstract

Anomaly detection using machine learning (ML) and deep learning (DL) is widely used by many different companies throughout the world to detect anomalies within their computer and network systems. However, simply adopting different ML/DL algorithms may be limited since the ML/DL models are rather generic without considering specific domain contexts (e.g., system/network configuration, software deployment, known vulnerabilities, etc.), which also largely limit the degree of performance improvement even with newly introduced ML/DL models. This research addresses the research question of how to improve detection performance when using a DL-based approach for network anomaly detection. The proposed approach in this research is the provision of "hinting" as the contextual information to improve the detection performance. To this end, this thesis analyzes the correlation between the DL score (the outcome of the DL model) and the actual label information (telling whether the data instance input in the DL model is normal or not), using a deep neural network (DNN). Finally, this thesis evaluates the proposed method using two recent public network datasets (UNSW-NB15 and IDS2017) and shows the potential of the proposed hinting approach.

Advisor

Jinoh Kim

Subject Categories

Computer Sciences | Physical Sciences and Mathematics

Link to Full Text

Share

COinS