Abstract
Command-line commands form a special kind of semi-natural language. Analyzing their structure and classifying them is a useful approach in the field of cyber security to detect anomalous commands used by malicious actors. Without any contextual knowledge, analyzing commands is a difficult task, as similar-looking commands might be performing different tasks, and commands with different aliases might be performing the same tasks. To understand the structure of command-line commands and their syntactic and semantic meanings, we created a rule-based system based on expert opinions. Using this system, we classified command-line commands into similar and not-similar classes. This rule-based system transformed the command-line command data into a binary classified form. We trained three machine learning models (a logistic regression document classifier, a deep learning document classifier, and a deep learning sentence-pair classifier) to learn the set of rules created in the rule-based system. We used the Matthews Correlation Coefficient (MCC) score to compare the models' performance. The logistic regression model shows an MCC score of 0.85, whereas both the Deep Learning (DL) models scored above 0.98. The DL document classifier and the DL sentence-pair classifier achieved an accuracy of 0.943 and 0.983 respectively on unseen data. Our proposed hybrid approach solves the complex problem of classifying semi-natural language data. This approach can be used to create a domain-specific set of rules and classify any semi-natural language data into multiple classes.
Original language | English |
---|---|
Title | Intelligent Systems and Applications. IntelliSys 2022 |
Editors | Kohei Arai |
Number of pages | 18 |
Publisher | Springer, Cham |
Publication date | 31 Aug 2022 |
Pages | 424–441 |
ISBN (print) | 978-3-031-16071-4 |
ISBN (electronic) | 978-3-031-16072-1 |
DOI - permanent links | |
Status | Published - 31 Aug 2022 |
OKM publication type | A4 Article in conference proceedings |
Event | Intelligent Systems Conference 2022 (IntelliSys 2022) - Amsterdam, Netherlands. Duration: 1 Sept 2022 → 2 Sept 2022 |
Publication series
Name | Lecture Notes in Networks and Systems (LNNS) |
---|---|
Publisher | Springer, Cham |
Volume | 542 |
ISSN (electronic) | 2367-3389 |
Fields of science
- 113 Computer and information sciences
Projects
- 1 Finished
- IVVES: IVVES
Mikkonen, T., Nurminen, J. K., Becker, L. V. A., Halvari, T. P., Hussain, Z., Kauhanen, E. O., Kramar, V. T., Laanti, T. M., Mikkonen, T., Muiruri, D., Myllyaho, L., Mylläri, J., Raatikainen, M., Salmenperä, I. E., Steenari, J. P., Stirbu, V. A., Valjakka, J. H., Hussain, Z., Myllyaho, L. & Raatikainen, M.
01/01/2020 → 31/03/2024
Project: Business Finland