Log In Sign Up

Collaborative Information Sharing for ML-Based Threat Detection

by   Talha Ongun, et al.

Recently, coordinated attack campaigns started to become more widespread on the Internet. In May 2017, WannaCry infected more than 300,000 machines in 150 countries in a few days and had a large impact on critical infrastructure. Existing threat sharing platforms cannot easily adapt to emerging attack patterns. At the same time, enterprises started to adopt machine learning-based threat detection tools in their local networks. In this paper, we pose the question: What information can defenders share across multiple networks to help machine learning-based threat detection adapt to new coordinated attacks? We propose three information sharing methods across two networks, and show how the shared information can be used in a machine-learning network-traffic model to significantly improve its ability of detecting evasive self-propagating malware.


page 1

page 2

page 3

page 4


Adversarial Examples: Attacks on Machine Learning-based Malware Visualization Detection Methods

As the threat of malicious software (malware) becomes urgently serious, ...

A Cyber Threat Intelligence Sharing Scheme based on Federated Learning for Network Intrusion Detection

The uses of Machine Learning (ML) in detection of network attacks have b...

Knowledge Sharing via Domain Adaptation in Customs Fraud Detection

Knowledge of the changing traffic is critical in risk management. Custom...

Insider Threat Detection Based on Stress Recognition Using Keystroke Dynamics

Insider threat is one of the most pressing threats in the field of infor...

Taxonomy driven indicator scoring in MISP threat intelligence platforms

IT security community is recently facing a change of trend from closed t...

A Novel Framework for Threat Analysis of Machine Learning-based Smart Healthcare Systems

Smart healthcare systems (SHSs) are providing fast and efficient disease...