All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Robust Representation for Domain Adaptation in Network Security

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F15%3A00239342" target="_blank" >RIV/68407700:21230/15:00239342 - isvavai.cz</a>

  • Result on the web

    <a href="http://link.springer.com/chapter/10.1007%2F978-3-319-23461-8_8" target="_blank" >http://link.springer.com/chapter/10.1007%2F978-3-319-23461-8_8</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1007/978-3-319-23461-8_8" target="_blank" >10.1007/978-3-319-23461-8_8</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Robust Representation for Domain Adaptation in Network Security

  • Original language description

    The goal of domain adaptation is to solve the problem of different joint distribution of observation and labels in the training and testing data sets. This problem happens in many practical situations such as when a malware detector is trained from labeled datasets at certain time point but later evolves to evade detection. We solve the problem by introducing a new representation which ensures that a conditional distribution of the observation given labels is the same. The representation is computed forbags of samples (network traffic logs) and is designed to be invariant under shifting and scaling of the feature values extracted from the logs and under permutation and size changes of the bags. The invariance of the representation is achieved by relying on a self-similarity matrix computed for each bag. In our experiments, we will show that the representation is effective for training detector of malicious traffic in large corporate networks. Compared to the case without domain adapta

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

    JC - Computer hardware and software

  • OECD FORD branch

Result continuities

  • Project

  • Continuities

    I - Institucionalni podpora na dlouhodoby koncepcni rozvoj vyzkumne organizace

Others

  • Publication year

    2015

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Machine Learning and Knowledge Discovery in Databases, Part III

  • ISBN

    978-3-319-23460-1

  • ISSN

    0302-9743

  • e-ISSN

  • Number of pages

    17

  • Pages from-to

    116-132

  • Publisher name

    Springer

  • Place of publication

    Heidelberg

  • Event location

    Porto

  • Event date

    Sep 7, 2015

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

    000363667400011

Similar results(10)

Learning Invariant Representation for Malicious Network Traffic DetectionLearning Detector of Malicious Network Traffic from Weak LabelsOptimized Invariant Representation of Network Traffic for Detecting Unseen Malware Variants