DeepAI AI Chat
Log In Sign Up

Machine learning on knowledge graphs for context-aware security monitoring

by   Josep Soler Garrido, et al.
Siemens AG

Machine learning techniques are gaining attention in the context of intrusion detection due to the increasing amounts of data generated by monitoring tools, as well as the sophistication displayed by attackers in hiding their activity. However, existing methods often exhibit important limitations in terms of the quantity and relevance of the generated alerts. Recently, knowledge graphs are finding application in the cybersecurity domain, showing the potential to alleviate some of these drawbacks thanks to their ability to seamlessly integrate data from multiple domains using human-understandable vocabularies. We discuss the application of machine learning on knowledge graphs for intrusion detection and experimentally evaluate a link-prediction method for scoring anomalous activity in industrial systems. After initial unsupervised training, the proposed method is shown to produce intuitively well-calibrated and interpretable alerts in a diverse range of scenarios, hinting at the potential benefits of relational machine learning on knowledge graphs for intrusion detection purposes.


Detection, Explanation and Filtering of Cyber Attacks Combining Symbolic and Sub-Symbolic Methods

Machine learning (ML) on graph-structured data has recently received dee...

Feature Selection and Intrusion Detection in Cloud Environment based on Machine Learning Algorithms

Characteristics and way of behavior of attacks and infiltrators on compu...

Ensemble learning techniques for intrusion detection system in the context of cybersecurity

Recently, there has been an interest in improving the resources availabl...

A Hybrid Approach for an Interpretable and Explainable Intrusion Detection System

Cybersecurity has been a concern for quite a while now. In the latest ye...

An energy-based model for neuro-symbolic reasoning on knowledge graphs

Machine learning on graph-structured data has recently become a major to...

EdgeServe: An Execution Layer for Decentralized Prediction

The relevant features for a machine learning task may be aggregated from...