Data classification for artificial intelligence construct training to aid in network incident identification using network telescope data
Rhodes University, Grahamstown
Proceedings of the 2010 Annual Research Conference of the South African Institute of Computer Scientists and Information Technologists, SAICSIT ’10, 2010
@inproceedings{cowie2010data,
title={Data classification for artificial intelligence construct training to aid in network incident identification using network telescope data},
author={Cowie, B. and Irwin, B.},
booktitle={Proceedings of the 2010 Annual Research Conference of the South African Institute of Computer Scientists and Information Technologists},
pages={356--360},
year={2010},
organization={ACM}
}
This paper considers the complexities involved in obtaining training data for use by artificial intelligence constructs to identify potential network incidents using passive network telescope data. While a large amount of data obtained from network telescopes exists, this data is not currently marked for known incidents. Problems related to this marking process include the accuracy of the markings, the validity of the original data and the time involved. In an attempt to solve these issues, two methods of training data generation are considered, namely manual identification and automated generation. The manual technique considers heuristics for finding network incidents, while the automated technique considers building simulated data sets using existing models of virus propagation and malicious activity. An example artificial intelligence system is then constructed using these marked datasets.
September 9, 2011 by hgpu