Related papers: IDPS Signature Classification with a Reject Option and the Incorporation of Expert Knowledge

IDPS Signature Classification with a Reject Option and the Incorporation of Expert Knowledge

URL: http://arxiv.org/abs/2207.10797v1
Date: Tue, 19 Jul 2022 06:09:33 GMT
Title: IDPS Signature Classification with a Reject Option and the Incorporation of Expert Knowledge
Authors: Hidetoshi Kawaguchi, Yuichi Nakatani and Shogo Okada
Abstract summary: We propose and evaluate a machine learning signature classification model with a reject option (RO) to reduce the cost of setting up an intrusion detection and prevention system (IDPS) To train the proposed model, it is essential to design features that are effective for signature classification. The effectiveness of the proposed classification model is evaluated in experiments with two real datasets composed of signatures labeled by experts.
Score: 3.867363075280544
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: As the importance of intrusion detection and prevention systems (IDPSs) increases, great costs are incurred to manage the signatures that are generated by malicious communication pattern files. Experts in network security need to classify signatures by importance for an IDPS to work. We propose and evaluate a machine learning signature classification model with a reject option (RO) to reduce the cost of setting up an IDPS. To train the proposed model, it is essential to design features that are effective for signature classification. Experts classify signatures with predefined if-then rules. An if-then rule returns a label of low, medium, high, or unknown importance based on keyword matching of the elements in the signature. Therefore, we first design two types of features, symbolic features (SFs) and keyword features (KFs), which are used in keyword matching for the if-then rules. Next, we design web information and message features (WMFs) to capture the properties of signatures that do not match the if-then rules. The WMFs are extracted as term frequency-inverse document frequency (TF-IDF) features of the message text in the signatures. The features are obtained by web scraping from the referenced external attack identification systems described in the signature. Because failure needs to be minimized in the classification of IDPS signatures, as in the medical field, we consider introducing a RO in our proposed model. The effectiveness of the proposed classification model is evaluated in experiments with two real datasets composed of signatures labeled by experts: a dataset that can be classified with if-then rules and a dataset with elements that do not match an if-then rule. In the experiment, the proposed model is evaluated. In both cases, the combined SFs and WMFs performed better than the combined SFs and KFs. In addition, we also performed feature analysis.

Related papers

Offline Signature Verification Based on Feature Disentangling Aided Variational Autoencoder [6.128256936054622]
Main tasks of signature verification systems include extracting features from signature images and training a classifier for classification. The instances of skilled forgeries are often unavailable, when signature verification models are being trained. This paper proposes a new signature verification method using a variational autoencoder (VAE) to extract features directly from signature images.
arXiv Detail & Related papers (2024-09-29T19:54:47Z)
Investigating the Common Authorship of Signatures by Off-Line Automatic Signature Verification Without the Use of Reference Signatures [3.3498759480099856]
This paper addresses the problem of automatic signature verification when no reference signatures are available. The scenario we explore consists of a set of signatures, which could be signed by the same author or by multiple signers. We discuss three methods which estimate automatically the common authorship of a set of off-line signatures.
arXiv Detail & Related papers (2024-05-23T10:30:48Z)
Revocable Quantum Digital Signatures [57.25067425963082]
We define and construct digital signatures with revocable signing keys from the LWE assumption. In this primitive, the signing key is a quantum state which enables a user to sign many messages. Once the key is successfully revoked, we require that the initial recipient of the key loses the ability to sign.
arXiv Detail & Related papers (2023-12-21T04:10:07Z)
Description-Enhanced Label Embedding Contrastive Learning for Text Classification [65.01077813330559]
Self-Supervised Learning (SSL) in model learning process and design a novel self-supervised Relation of Relation (R2) classification task. Relation of Relation Learning Network (R2-Net) for text classification, in which text classification and R2 classification are treated as optimization targets. external knowledge from WordNet to obtain multi-aspect descriptions for label semantic learning.
arXiv Detail & Related papers (2023-06-15T02:19:34Z)
FedSOV: Federated Model Secure Ownership Verification with Unforgeable Signature [60.99054146321459]
Federated learning allows multiple parties to collaborate in learning a global model without revealing private data. We propose a cryptographic signature-based federated learning model ownership verification scheme named FedSOV.
arXiv Detail & Related papers (2023-05-10T12:10:02Z)
Identity Documents Authentication based on Forgery Detection of Guilloche Pattern [2.606834301724095]
An authentication model for identity documents based on forgery detection of guilloche patterns is proposed. Experiments are conducted in order to analyze and identify the most proper parameters to achieve higher authentication performance.
arXiv Detail & Related papers (2022-06-22T11:37:10Z)
The Overlooked Classifier in Human-Object Interaction Recognition [82.20671129356037]
We encode the semantic correlation among classes into the classification head by initializing the weights with language embeddings of HOIs. We propose a new loss named LSE-Sign to enhance multi-label learning on a long-tailed dataset. Our simple yet effective method enables detection-free HOI classification, outperforming the state-of-the-arts that require object detection and human pose by a clear margin.
arXiv Detail & Related papers (2022-03-10T23:35:00Z)
Dual-Refinement: Joint Label and Feature Refinement for Unsupervised Domain Adaptive Person Re-Identification [51.98150752331922]
Unsupervised domain adaptive (UDA) person re-identification (re-ID) is a challenging task due to the missing of labels for the target domain data. We propose a novel approach, called Dual-Refinement, that jointly refines pseudo labels at the off-line clustering phase and features at the on-line training phase. Our method outperforms the state-of-the-art methods by a large margin.
arXiv Detail & Related papers (2020-12-26T07:35:35Z)
Few-shot Slot Tagging with Collapsed Dependency Transfer and Label-enhanced Task-adaptive Projection Network [61.94394163309688]
We propose a Label-enhanced Task-Adaptive Projection Network (L-TapNet) based on the state-of-the-art few-shot classification model -- TapNet. Experimental results show that our model significantly outperforms the strongest few-shot learning baseline by 14.64 F1 scores in the one-shot setting.
arXiv Detail & Related papers (2020-06-10T07:50:44Z)
FCN+RL: A Fully Convolutional Network followed by Refinement Layers to Offline Handwritten Signature Segmentation [3.3144312096837325]
We propose an approach to locate and extract the pixels of handwritten signatures on identification documents. The technique is based on a fully convolutional encoder-decoder network combined with a block of refinement layers for the alpha channel of the predicted image.
arXiv Detail & Related papers (2020-05-28T18:47:10Z)
Offline Signature Verification on Real-World Documents [9.271640666465363]
Signatures extracted from formal documents may contain different types of occlusions, for example, stamps, company seals, ruling lines, and signature boxes. In this paper, we address a real-world writer independent offline signature verification problem, in which, a bank's customers' transaction request documents that contain their occluded signatures are compared with their clean reference signatures. Our proposed method consists of two main components, a stamp cleaning method based on CycleGAN and signature representation based on CNNs.
arXiv Detail & Related papers (2020-04-25T10:28:03Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.