Articles
Mahdavi, E., Fanian, A., Mirzaei, A., Taghiyarrenani, Zahra
Knowledge-Based Systems (09507051)
Utilizing machine learning methods to detect intrusion into computer networks is a trending topic in information security research. The limitation of labeled samples is one of the challenges in this area. This challenge makes it difficult to build accurate learning models for intrusion detection. Transfer learning is one of the methods to counter such a challenge in machine learning topics. On the other hand, the emergence of new technologies and applications might bring new vulnerabilities to computer networks. Therefore, the learning process cannot occur all at once. Incremental learning is a practical standpoint to confront this challenge. This research presents a new framework for intrusion detection systems called ITL-IDS that can potentially start learning in a network without prior knowledge. It begins with an incremental clustering algorithm to detect clusters’ numbers and shape without prior assumptions about the attacks. The outcomes are candidates to transfer knowledge between other instances of ITL-IDS. In each iteration, transfer learning provides target environments with incremental knowledge. Our evaluation shows that this method can combine incremental and transfer learning to identify new attacks. © 2022
Computers and Security (01674048)
Alert Correlation is the process of analyzing alerts to reduce their number, eliminate false positives, detect the scenarios behind them and generate a higher perspective of the incidents. Making this process online will upgrade the classic role of alert correlation from being a post-process step to a key part of intrusion detection systems. In this article, we propose a novel two-phase model called a Real-time Alert Correlation method based on Code-books (RACC) for intrusion detection systems. First, in the offline phase, RACC pre-processes a knowledge base to propose some matrices as the main data structure of the method, which we call code-books. Instead of keeping alerts in the memory, those matrices just hold keys to the corresponding meta-alerts. An index that is based upon red-black trees is used to access matrix elements. Generating the matrices and the mentioned index is independent of the alerts, so utilizing them can facilitate the alert correlation process in an online manner in phase two of the proposed model. The experiments show that compared to similar methods, RACC can significantly reduce the alert correlation time and can enable real-time alert correlation. © 2019 Elsevier Ltd
International Journal of Data Mining and Bioinformatics (17485673)(2)
MicroRNAs (miRNAs) are a class of short RNA molecules that regulate gene expression by binding directly to messenger RNAs. Conventional approaches to miRNA target prediction estimate the accessibility of target sites and the strength of the binding miRNA by finding optimums of some energy models, which involves O(n^3) computations. Alternatively, we narrow down potential binding sites of miRNAs to suboptimal hits of a pairwise alignment algorithm called Fitting Alignment in O(n^2). We invoke the same algorithm, once for all candidate sites, to measure the site accessibilities. These features are applied to a binary classifier being learned to predict true associations between miRNAs and target genes. Training the classifier requires negative samples indicating non-affected genes. The experiments verifying such negative associations have rarely been performed, so we exploit tissue-specific gene expression data to impute the negative associations. The recall rate of our method is above 70% (at precision 85%). Copyright © 2015 Inderscience Enterprises Ltd.